TechCrunch

React Demolishes Engineering Silos So Facebook Can Reuse Code For Web, iOS, And Android

It was supposed to take 18 months. But with React Native, Facebook built its iOS Ads Manager app in 5 months, and then ported it to Android in just 3 more months. That’s because React Native let ...
Cybernews

React vulnerability hits crypto websites with drainers

As reported by Cybernews, the React vulnerability, which enables external attackers to run privileged, arbitrary code on ...
Opinion
知乎 on MSNOpinion

一年内连爆两个高危 CVE,我们是否可以认为 React/Next.js 押宝 SSR 是 ...

一年两个高危CVE,React/Next.js的问题不是SSR,是前端被逼着干后端的活 CVE年年有,今年特别多,这不稀奇。什么时候开始一个”前端框架”的漏洞,能造成这么大的攻击面了? 2015年的React就是个View层的库,Virtual DOM diff一下完事儿。现在你点开Next.js的文档看看,Server Components、Server ...

Patch Now! Critical Malware Vulnerability Threatens React

The JavaScript programming library React and certain apps created with it are vulnerable. Security updates are available for download.
InfoQ中国 on MSN

紧急补丁——React服务器函数中的严重漏洞CVE-2025-55182被主动利用

11月29日, Lachlan Davidson 报告了React Server Components(RSC)中一个未经身份验证的远程代码执行(RCE)漏洞。该漏洞于12月3日公开披露,并被追踪为 CVE-2025-55182 ...

Hackers are exploiting a JavaScript library to plant crypto drainers

Hackers are exploiting a vulnerability in React to inject wallet-draining malware into cryptocurrency websites.
Infosecurity Magazine

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, posing severe risks for server-side implementations ...