Critical vulnerability in React JS framework has a near 100% chance to be exploited

Researchers have uncovered a critical security flaw that could have catastrophic consequences for web and private cloud ...
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...

Admins and defenders gird themselves against maximum-severity server vuln

According to Wiz and fellow security firm Aikido, the vulnerability, tracked as CVE-2025-55182, resides in Flight, a protocol ...

Critical React2Shell flaw actively exploited in China-linked attacks

Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and ...
CSO Online

Warning: React2Shell vulnerability already being exploited by threat actors

It has been seen spreading cryptojacking malware and in attempts to steal cloud credentials from compromised machines.
SecurityWeek

Chinese Hackers Exploiting React2Shell Vulnerability

Threat actors have apparently started exploiting the newly disclosed React vulnerability tracked as React2Shell and ...
Hackaday

This Week In Security: React, JSON Formatting, And The Return Of Shai Hulud

After a week away recovering from too much turkey and sweet potato casserole, we’re back for more security news! And if you ...

It never rains, but it pours: A security bug with a maximum severity rating is putting many of the worlds' servers at risk

It's so bad that it has a maximum severity rating on the CVE database. Fortunately, React's developers created a fix almost ...