Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.

吴说获悉，慢雾首席信息安全官 23pds 发推表示，鉴于 React/Next.js 最新远程代码执行漏洞已出现新的攻击链，相关攻击成功率将显著提升。由于目前大量 DeFi 平台使用 React，该漏洞可能影响范围广泛，各 DeFi 平台需防范相关安全风险。

Now stable in Next.js 13.4, the new App Router builds on React Server Components and React Suspense to improve data fetching, page loading, and the developer experience. Next.js 13.4, the latest ...