Experts warn this 'worst case scenario' React vulnerability could soon be exploited - so patch now

React is one of the most popular JavaScript libraries, which powers much of today’s internet. Researchers recently discovered a maximum-severity vulnerability. This bug could allow even the ...
SecurityWeek

Exploitation of React2Shell Surges

Exploitation of React2Shell started almost immediately after disclosure. AWS reported that at least two known China-linked threat actors, Earth Lamia and Jackpot Panda, have been exploiting it in ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...