Microsoft

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...
The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team ...
The Hacker News

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of ...
SecurityWeek

Exploitation of React2Shell Surges

An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. An increasing number of threat actors have been attempting to exploit the ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Ars Technica

Admins and defenders gird themselves against maximum-severity server vuln

Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...
Dark Reading

Critical React Flaw Triggers Calls for Immediate Action

A maximum-severity vulnerability in React, a widely used open source software library, could enable remote code execution (RCE) in a massive number of cloud environments, sparking grave concern within ...
InfoQ

Meta Ships React 19.2 Featuring Activity API, Cache Signals, and SSR Enhancements

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
GitHub

[Bug]: React 19 not added as a peer dependency

I have a project that uses react-chartjs-2 and the 18th version of react and everything used to work just fine. However when I tried to upgrade to React 19, the ...
Tech.co

Top 8 Best YouTube Channels for Free AI Tutorials

AI tools are the latest craze to impact the tech industry — and by extension, the rest of the world. For years now, bosses everywhere are trying to boost profits by replacing workers with AI, and ...
Hacker

How to Test React Components With Jest And React Testing Library

Keploy is AI based test case and stubs/mocks generator for e2e testing. 90% test coverage in minutes with open source ...