A new report from VulnCheck reveals that, despite less than 1% of software vulnerabilities being exploited last year, the rate of exploitation of these flaws has increased significantly. In 2025, more than 14,400 exploits related to approximately 10,500 unique CVEs were recorded, representing a 16.5% increase compared to the previous year.
We finish off the evil sooner
A large part of this increase is attributed to test code generated by artificial intelligence. However, researchers warn that a large portion of this AI-generated code is non-functional, which adds a layer of complexity for security teams when trying to determine which threats are the most critical. The inability to adequately prioritize these threats becomes a problem as attack groups are able to exploit vulnerabilities before defenders can apply security patches or implement other mitigation measures.
Caitlin Condon, Vice President of Security Research at VulnCheck, commented that the large amount of information generated by AI creates difficulties for defenders trying to discern what constitutes legitimate threats and what can be ignored. More than half of the CVEs related to ransomware were identified from zero-day vulnerabilities, highlighting the urgency of addressing these weaknesses before they are exploited.
The most significant vulnerability of 2025 was React2Shell, identified as CVE-2025-55182, with 236 known exploits. Likewise, a vulnerability in Microsoft Sharepoint, labeled as CVE-2025-53770, was reported with 36 exploits. This data highlights the increasing pressure on cybersecurity teams to protect critical systems in an environment where threats are becoming more sophisticated and rapid.