Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
Crypto News

Major JavaScript Library Breach Puts All Crypto Websites at Risk

React vulnerability CVE-2025-55182 exploited by crypto-drainers to execute remote code and steal funds from affected websites ...

Critical vulnerability in React JS framework has a near 100% chance to be exploited

Researchers have uncovered a critical security flaw that could have catastrophic consequences for web and private cloud ...
Infosecurity Magazine

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...
InfoWorld

All I want for Christmas is a server-side JavaScript framework

Could 2026 be the year of the beautiful back end? We explore the range of options for server-side JavaScript development, ...
InfoQ

Javet 3.0.2 Released: Bridging Java and JavaScript with Enhanced Features

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...