"React2Shell" Critical Remote Code Execution in React Server
Security updates detail rendered from /security-updates/upd_f89650c6aa57462f.
Overview
| Field | Value |
|---|---|
| ID | upd_f89650c6aa57462f |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Scaleway |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_f89650c6aa57462f |
| providerId | safebase |
| organizationId | org_9c40dfe3f8d30eb8 |
| trustCenterId | tc_97ceaa0bb95c8ff7 |
| title | "React2Shell" Critical Remote Code Execution in React Server |
| message | ## Definition The vulnerability, identified as `CVE-2025-55182` or `"React2Shell"`, is a severe unauthenticated remote code execution (RCE) flaw in the React Server Components "Flight" protocol. Rated with a critical *CVSS score of 10.0*, this issue allows an attacker to execute arbitrary code on servers utilizing React 19 and associated frameworks like Next.js that implement React Server Components. ## How it works The `React Server Components (RSC)` system, which relies on the Flight protocol for data serialization between the browser and server, contains a critical vulnerability in specific versions. This flaw involves the unsafe deserialization of specially crafted requests. Attackers can exploit this vulnerability to gain control over internal objects essential for module resolution and callbacks. In the default configurations of React 19 and Next.js applications utilizing the App Router, this attack vector is particularly critical. It allows unauthenticated attackers to access p |
| url | - |
| publishedAt | 2025-12-10 |
| source | {"field": "statuspage/public/compliance-update", "category": "vulnerabilities"} |
| company | {"id": "org_9c40dfe3f8d30eb8", "name": "Scaleway", "domains": ["security.scaleway.com", "scaleway.com"]} |
| trust_center | {"id": "tc_97ceaa0bb95c8ff7", "name": "Scaleway", "url": "https://security.scaleway.com", "host": "security.scaleway.com"} |
| provider | {"id": "safebase", "name": "SafeBase"} |
| links | {"self": "/v1/security-updates/upd_f89650c6aa57462f", "company": "/v1/companies/org_9c40dfe3f8d30eb8", "trust_center": "/v1/trust-centers/tc_97ceaa0bb95c8ff7", "provider": "/v1/providers/safebase"} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_f89650c6aa57462f (JSON)