December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and ...
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
In early December, the React team published a security advisory detailing a pre-authentication bug in multiple versions of multiple packs, affecting RCS. The bug, now dubbed “React2Shell”, is tracked ...
A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...
If you're new here, we recommend using Floating UI's React DOM Interactions package instead of this library. It offers a first class React experience rather than being a wrapper around a vanilla ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback