A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...
React vulnerability CVE-2025-55182 exploited by crypto-drainers to execute remote code and steal funds from affected websites ...
The vulnerability, which was assigned two CVEs with maximum CVSS scores of 10, may affect more than a third of cloud service ...
Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.
Researchers have uncovered a critical security flaw that could have catastrophic consequences for web and private cloud ...
Could 2026 be the year of the beautiful back end? We explore the range of options for server-side JavaScript development, ...
Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks.
This week, the React flaw, a belated Windows fix, Defense Secretary Pete Hegseth's Signal group posed operational risk, more ...
Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the ...
As exploitation activity against CVE-2025-55182, researchers are finding some exploits contain bypasses for Web application firewall (WAF) rules.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback