Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...
Cybernews

React, Next.js disclose follow-up vulnerabilities, again urge users to patch immediately

React and Next.js are urging developers to immediately patch two additional, follow-up vulnerabilities that were discovered ...
Techzine Europe

Three new vulnerabilities discovered in React Server Components

Following the critical vulnerability CVE-2025-55182 in React Server Components, researchers have found three new leaks. Two ...
The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited ...
HealthcareInfoSecurity

Chinese Nation-State Groups Tied to 'React2Shell' Targeting

Warnings continue to mount over a critical vulnerability in the widely used web application framework React, with threat ...
Cryptopolitan on MSN

Critical React flaw triggers a wave of crypto wallet drainers

SEAL Security researchers warned that a critical React flaw fueled a surge in wallet-draining attacks on crypto websites.
Cybernews

Compromised Next.js devices weaponized by attackers: thousands remain vulnerable

Security researchers warn that hundreds of compromised Next.js devices are attacking others, and tens of thousands of servers ...
Security Boulevard

React Fixes Two New RSC Flaws as Security Teams Deal with React2Shell

As they work to fend off the rapidly expanding number of attempts by threat actors to exploit the dangerous React2Shell vulnerability, security teams are learning of two new flaws in React Server ...