React2Shell: maximum severity vulnerability discovered in React
React2Shell: maximum severity vulnerability discovered in React
www.tenable.com
CVE-2025-55182: Frequently Asked Questions About React2Shell: React Server Components Remote Code Execution Vulnerability
React2Shell: A critical React flaw allowing unauthenticated RCE. Impacts include Next.js, React Router, and apps using Server Components.
I got an email from Vercel urging to upgrade Next.js based project 3 days ago. POC was published 2 days ago. Today I've checked my logs and I could already see attack attempts.