Following the critical vulnerability CVE-2025-55182 in React Server Components, researchers have found three new leaks. Two ...
React and Next.js are urging developers to immediately patch two additional, follow-up vulnerabilities that were discovered ...
Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...
In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...
Cloudflare activates automatic WAF protection against a major React Server Components flaw as developers race to patch vulnerable systems worldwide.
Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked threat actors, Earth Lamia and Jackpot Panda, have been exploiting it in ...
Researchers warn that critical vulnerabilities in Meta’s React Server Components and Next.js are under threat from botnets ...
A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate ...
React2Shell, a critical Node.js vulnerability, is driving massive global exploitation as attackers target smart devices and ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback