Code Mala Tang

Dec 12, 2025 · Information Security

Is Your Next.js Project Safe? Inside the Critical React2Shell CVE‑2025‑55182 Vulnerability

The article warns that after an incomplete fix for the React2Shell flaw, two new critical vulnerabilities have emerged in React Server Components—a denial‑of‑service and a source‑code exposure issue—detailing their triggers and urging immediate remediation for all affected projects.