腾讯网

10级漏洞刚补完,React又炸了!现代Web“默认底座”因一行代码缺失 ...

编译 | Tina、冬梅上周刚追完 10 级补丁,以为能喘口气了?还不行。12 月 12 日,React 官方确认,研究人员在验证上周补丁时,竟又在 React Server ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked ...
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...
InfoQ中国 on MSN

紧急补丁——React服务器函数中的严重漏洞CVE-2025-55182被主动利用

11月29日, Lachlan Davidson 报告了React Server Components(RSC)中一个未经身份验证的远程代码执行(RCE)漏洞。该漏洞于12月3日公开披露,并被追踪为 CVE-2025-55182 ...

Half of exposed React servers remain unpatched amid active exploitation

Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ...

Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...

Beijing-linked hackers are hammering max-severity React bug, AWS warns

Amazon has warned that China-nexus hacking crews began hammering the critical React "React2Shell" vulnerability within hours ...
GovInfoSecurity

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of ...