React2Shell (CVE-2025-55182): A Log4Shell Moment for the Front End Ecosystem(securitylabs.datadoghq.com)
securitylabs.datadoghq.com
React2Shell (CVE-2025-55182): A Log4Shell Moment for the Front End Ecosystem
https://securitylabs.datadoghq.com/articles/cve-2025-55182-react2shell-remote-code-execution-react-server-components/
1 コメント
This seems like a really big deal! It affects NextJS 15, even if the codebase isn't using Server Components, has a CVSS vulnerability score of 10/10, and there are known exploits in the wild. Can't see this doing wonders to the reputation of React Server Components.