Rising Vulnerabilities and AI's Role in Cybersecurity Management
Severity: Low (Score: 39.9)
Sources: Recordedfuture, c3.unu.edu, zerodayclock.com, www.microsoft.com
Summary
The total number of disclosed vulnerabilities has surged from approximately 21,000 in 2021 to nearly 50,000 in 2025. Despite this increase, only 446 vulnerabilities were actively exploited in the wild in 2025, indicating that not all disclosed vulnerabilities pose immediate threats. Attackers prioritize vulnerabilities that are easy to exploit and widely used, leading to a narrowing window for organizations to remediate high-impact vulnerabilities. AI is being leveraged by both defenders and attackers to enhance vulnerability discovery and exploit development. Notably, nearly 29% of Known Exploited Vulnerabilities (KEVs) in 2025 were exploited on or before their CVE publication, highlighting the prevalence of zero-days. Organizations relying on outdated systems or manual processes face heightened risks as the pace of exploitation accelerates. The introduction of advanced AI models by companies like Anthropic and OpenAI aims to improve cyber defense capabilities, but the effectiveness of these tools in real-world scenarios remains to be fully evaluated. Key Points: • Disclosed vulnerabilities rose from 21,000 in 2021 to nearly 50,000 in 2025. • Only 446 vulnerabilities were actively exploited in 2025, showing a small fraction of threats. • AI is increasingly used by both attackers and defenders to enhance vulnerability management.