#cve-2025-55182

[ follow ]
#react-server-components #remote-code-execution #react2shell #nextjs #react #cryptomining
Information security
fromThe Hacker News
2 weeks ago

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

A nine-month campaign used React2Shell (CVE-2025-55182) and other N-day flaws to enroll IoT devices and web apps into the RondoDox botnet, deploying miners and Mirai variants.
#react2shell
more#react2shell
#react-server-components
fromThisweekinreact
1 month ago
React

This Week In React #262: React2Shell, Fate, TanStack AI, React Grab, Formisch, Base UI | React Native 0.83, Reanimated 4.2, State of RN, Refined, Crypto, Worklets, Sheet Navigator | CSS, Temporal, Supply Chain, Firefox | This Week In React

Information security
fromInfoQ
1 month ago

Patch Urgently - Critical Vulnerability CVE-2025-55182 in React Server Functions Actively Exploited

Unauthenticated RCE (CVE-2025-55182) in React Server Components affects React 19.0.0–19.2.0 and Next.js 15/16 App Router; patch immediately.
Information security
fromThe Hacker News
1 month ago

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

A critical RSC deserialization vulnerability (CVE-2025-55182, React2Shell) enables unauthenticated remote code execution; patches released for react-server-dom packages and affected downstream frameworks.
fromThisweekinreact
1 month ago
React

This Week In React #262: React2Shell, Fate, TanStack AI, React Grab, Formisch, Base UI | React Native 0.83, Reanimated 4.2, State of RN, Refined, Crypto, Worklets, Sheet Navigator | CSS, Temporal, Supply Chain, Firefox | This Week In React

fromInfoQ
1 month ago
Information security

Patch Urgently - Critical Vulnerability CVE-2025-55182 in React Server Functions Actively Exploited

more#react-server-components
Information security
fromTheregister
1 month ago

Cloudflare blames Friday outage on borked React2shell fix

Cloudflare intentionally took down its network to patch the critical React2Shell vulnerability, causing a major outage while denying any cyber attack caused it.
#react
more#react
Information security
fromComputerWeekly.com
1 month ago

Cloudflare fixes second outage in a month | Computer Weekly

Cloudflare briefly lost Dashboard and API availability due to a WAF parsing change deployed to mitigate a critical React Server Components RCE (React2Shell) vulnerability, now resolved.
Information security
fromInfoWorld
1 month ago

Developers urged to immediately upgrade React, Next.js

React 19's RSC Flight protocol contains a critical deserialization vulnerability enabling remote code execution; immediate upgrade and patching are required.
[ Load more ]