"threat actor activity react2shell exploitation dominated december ’ s cve activity : threat actors observed to have exploited this vulnerability : china - nexus actors earth lamia and jackpot panda china - linked clusters unc6600, unc6586, unc6588, unc6603, and unc6595 north kore…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
83%
"- 434 ( unrestricted upload of file with dangerous type ) yes table 1 : list of vulnerabilities that were actively exploited in december based on recorded future data ( source : recorded future ) key trends in december 2025 affected vendors fortinet continued vulnerability concer…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
68%
". 1. 4, or 19. 2. 3 immediately update next. js to 16. 0. 7, 15. 5. 7, 15. 4. 8, 15. 3. 6, 15. 2. 6, 15. 1. 9, or 15. 0. 5 monitor for unusual multipart / form - data post requests consistent with next. js server actions / rsc endpoints check logs for e { " digest " error pattern…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
42%
"priority alert : active exploitation these vulnerabilities demand immediate attention due to confirmed widespread exploitation. cve - 2025 - 55182 | meta react server components ( react2shell ) risk score : 99 ( very critical ) | cisa kev : added december 5, 2025 why this matters…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
40%
"s surge reflects both new zero - days and renewed interest in legacy vulnerabilities. react2shell alone demonstrates how quickly modern web frameworks can become global attack vectors. quick reference table all 22 vulnerabilities below were actively exploited in december 2025. # …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
37%
"december 2025 cve landscape : 22 critical vulnerabilities mark 120 % surge, react2shell dominates threat activity december 2025 witnessed a dramatic 120 % increase in high - impact vulnerabilities, with recorded future ' s insikt group® identifying 22 vulnerabilities requiring im…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
December 2025 saw a 120% surge in critical CVEs, with 22 exploited flaws and React2Shell (CVE-2025-55182) dominating threat activity across Meta’s React framework.