Skip to content

Priyanshu Patidar

React2Shell (CVE-2025-55182): Pre‑Auth RCE In React & Next.js- A Log4Shell‑Style Wake‑Up Call

On 3rd December 2025, a critical remote code execution vulnerability was disclosed in the React Server Components (RSC) ecosystem, widely known as React2Shell and tracked as CVE‑2025‑55182 (React) and CVE‑2025‑66478 (Next.js, later merged into the main CVE). The flaw allows unauthenticated remote code execution (pre‑auth RCE) on servers using React Server Components and frameworks like… Read More »React2Shell (CVE-2025-55182): Pre‑Auth RCE In React & Next.js- A Log4Shell‑Style Wake‑Up Call

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.

CONSENT REQUIRED

Before you continue —
a quick consent notice

This website uses functional cookies and third-party services to operate. Before they can load, we need your consent through our Consent Management Platform, operated by CookieYes (cookieyes.com).

Data transmitted to cookieyes.com
  • Your browser's IP address — transmitted as part of the outbound HTTP request
  • Your browser's User-Agent string — transmitted as part of the outbound HTTP request
  • No other data is collected or transmitted at this stage

Functional cookies are required for this website to operate. If you decline, the site cannot be fully displayed. You are always welcome to return and accept at any time.

By clicking "Accept & Continue" you will be directed to the CookieYes consent manager where you can make granular choices.  |  Privacy Policy