The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Critical RSC flaws in React and Next.js enable unauthenticated remote code execution; users should update to patched versions ...
CSO Online

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.

Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...
The Hacker News

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting ...
Cybernews

“Desperate” Chinese hackers are already exploiting React2Shell

A newly identified vulnerability dubbed React2Shell, which was only made public on Thursday, is already being exploited by ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...