Techzine Europe

Three new vulnerabilities discovered in React Server Components

Following the critical vulnerability CVE-2025-55182 in React Server Components, researchers have found three new leaks. Two ...
TechCentral.ie

State-linked groups target critical vulnerability in React Server Components

Researchers warn that critical vulnerabilities in Meta’s React Server Components and Next.js are under threat from botnets and state-linked adversaries. China-nexus threat groups, tracked as Earth ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

Cloudflare says its WAF is already protecting users from new React security flaws: Here what it means

Cloudflare activates automatic WAF protection against a major React Server Components flaw as developers race to patch vulnerable systems worldwide.
Security Boulevard

Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell

RCE flaw in React and Next.js is being actively exploited by China-nexus threat groups, prompting urgent patching and global mitigations.
CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ...
The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...