Cybernews

React, Next.js disclose follow-up vulnerabilities, again urge users to patch immediately

React and Next.js are urging developers to immediately patch two additional, follow-up vulnerabilities that were discovered ...
Techzine Europe

Three new vulnerabilities discovered in React Server Components

Following the critical vulnerability CVE-2025-55182 in React Server Components, researchers have found three new leaks. Two ...

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting ...

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

Hackers are exploiting a JavaScript library to plant crypto drainers

Hackers are exploiting a vulnerability in React to inject wallet-draining malware into cryptocurrency websites.
Infosecurity-magazine.com

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical remote code execution vulnerability in React.js has been identified. React.js is a JavaScript library for building fast, interactive user interfaces (UIs) using reusable components. The ...