Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote ...

Admins and defenders gird themselves against maximum-severity server vuln

According to Wiz and fellow security firm Aikido, the vulnerability, tracked as CVE-2025-55182, resides in Flight, a protocol ...
Dark Reading

Critical React Flaw Triggers Calls for Immediate Action

The vulnerability, which was assigned two CVEs with maximum CVSS scores of 10, may affect more than a third of cloud service ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...
InfoQ

Accessibility with Interactive Components at React Advanced Conf

Dynamic React speaker Aurora Scharff captivated attendees at React Advanced 2025 with her talk on "Building Interactive Async ...