#cve-2025-55182

[ follow ]
#remote-code-execution #react-server-components #react2shell #nextjs #react #cryptomining
Information security
fromSecurityWeek
1 day ago

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.
#react2shell
more#react2shell
Information security
fromThe Hacker News
3 months ago

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

A nine-month campaign used React2Shell (CVE-2025-55182) and other N-day flaws to enroll IoT devices and web apps into the RondoDox botnet, deploying miners and Mirai variants.
#react-server-components
fromThisweekinreact
3 months ago
React

This Week In React #262: React2Shell, Fate, TanStack AI, React Grab, Formisch, Base UI | React Native 0.83, Reanimated 4.2, State of RN, Refined, Crypto, Worklets, Sheet Navigator | CSS, Temporal, Supply Chain, Firefox | This Week In React

fromInfoQ
3 months ago
Information security

Patch Urgently - Critical Vulnerability CVE-2025-55182 in React Server Functions Actively Exploited

fromThisweekinreact
3 months ago
React

This Week In React #262: React2Shell, Fate, TanStack AI, React Grab, Formisch, Base UI | React Native 0.83, Reanimated 4.2, State of RN, Refined, Crypto, Worklets, Sheet Navigator | CSS, Temporal, Supply Chain, Firefox | This Week In React

fromInfoQ
3 months ago
Information security

Patch Urgently - Critical Vulnerability CVE-2025-55182 in React Server Functions Actively Exploited

more#react-server-components
Information security
fromTheregister
3 months ago

Cloudflare blames Friday outage on borked React2shell fix

Cloudflare intentionally took down its network to patch the critical React2Shell vulnerability, causing a major outage while denying any cyber attack caused it.
#react
more#react
Information security
fromComputerWeekly.com
3 months ago

Cloudflare fixes second outage in a month | Computer Weekly

Cloudflare briefly lost Dashboard and API availability due to a WAF parsing change deployed to mitigate a critical React Server Components RCE (React2Shell) vulnerability, now resolved.
Information security
fromInfoWorld
3 months ago

Developers urged to immediately upgrade React, Next.js

React 19's RSC Flight protocol contains a critical deserialization vulnerability enabling remote code execution; immediate upgrade and patching are required.
[ Load more ]