UIライブラリ「React」（React.js）および「Next.js」で、認証なしにリモートコード実行が可能になる重大なセキュリティ脆弱性「CVE-2025-55182」が存在することが明らかになった。この脆弱性は「React2Shell」とも呼ばれており、CVSSの基本値は満点の「10.0」。

A critical remote code execution vulnerability in React.js has been identified. React.js is a JavaScript library for building fast, interactive user interfaces (UIs) using reusable components. The ...

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.

The current study JavaScript Rising Stars 2025 has been released. It measures the popularity of JavaScript projects based on new GitHub stars added within the last year. n8n leads this time by a wide ...

Facepalm: A widely used web technology is affected by a serious security vulnerability that can be exploited with minimal effort to compromise servers. Known as "React2Shell," the flaw may require ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...