Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Crypto News

Major JavaScript Library Breach Puts All Crypto Websites at Risk

React vulnerability CVE-2025-55182 exploited by crypto-drainers to execute remote code and steal funds from affected websites ...
FinanceFeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers exploit a critical React JavaScript vulnerability, CVE-2025-55182, to deploy crypto wallet drainers on legitimate websites ...

Critical vulnerability in React JS framework has a near 100% chance to be exploited

Researchers have uncovered a critical security flaw that could have catastrophic consequences for web and private cloud ...
The Register on MSN

China, Iran are having a field day with React2Shell, Google warns

Who hasn't exploited this max-severity flaw? At least five more Chinese spy crews, Iran-linked goons, and financially ...

'Exploitation is imminent' as 39 percent of cloud environs have max-severity React hole

A maximum-severity flaw in the widely used JavaScript library React, and several React-based frameworks including Next.js ...
ZDNet

Facebook's React 17 JavaScript library: Here's why its top feature is 'no new features'

The open-source project behind Facebook's React JavaScript library has unveiled the first release candidate for React 17, its first major version in two and a half years. However, the project ...