The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Critical RSC flaws in React and Next.js enable unauthenticated remote code execution; users should update to patched versions ...

React2Shell patch insufficient, attacks widen

Updates to close a critical vulnerability in React servers are incomplete. More and more attackers are exploiting the leak.
CRN

React Server Vulnerability Is No Cause For Panic: Security Expert

A critical-severity vulnerability impacting the popular React open-source library deserves attention, but is far from the ...
CSO Online

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.
Dark Reading

Critical React Flaw Triggers Calls for Immediate Action

The vulnerability, which was assigned two CVEs with maximum CVSS scores of 10, may affect more than a third of cloud service ...
Security Boulevard

Three New React Vulnerabilities Surface on the Heels of React2Shell

CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779 require immediate attention ...