InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.
51CTO服务器频道

紧急:React 19 和 Next.js 的 React 服务器组件存在关键漏洞

如果你在用 React 19 / Next.js 15 / 16, 这篇就当是一个温柔但坚决的催命信: Vercel 已经出手,在它的全球 Web Application Firewall(WAF)上, 加了一层拦截规则,免费帮所有托管在上面的项目挡一波。

React/Next.js 曝满分RCE漏洞,无需认证即可远程代码执行

近期,聚铭安全攻防实验室监测发现了一项与React Server Components相关的远程代码执行漏洞, 该漏洞已被披露,编号为 CVE-2025-55182,CVSS 评分为 10.0 。
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...
The Next Web

Facebook re-licenses React under MIT license after developer backlash

A major barrier to the adoption of Facebook’s React front-end library has been its license. Facebook chose to use a BSD-derived license that contained some troubling terms surrounding patent ...
TechRepublic

JetBrains State of Developer Ecosystem 2023: React Reigns in JavaScript Realm

JetBrains State of Developer Ecosystem 2023: React Reigns in JavaScript Realm Your email has been sent The survey reveals that React's usage share of 58% is testament ...