(react.dev)

298 points sangeeth96 | 1 comments | 11 Dec 25 20:46 UTC | HN request time: 0.327s | source

See also: https://blog.cloudflare.com/react2shell-rsc-vulnerabilities-..., https://nextjs.org/blog/security-update-2025-12-11

Show context

rickhanlonii ◴[11 Dec 25 21:54 UTC] No.46237729[source]▶

>>46236924 (OP) #

After Log4Shell, additional CVEs were reported as well.

It’s common for critical CVEs to uncover follow‑up vulnerabilities because researchers scrutinize adjacent code paths looking for variant exploit techniques to test whether the initial mitigation can be bypassed.

replies(2): >>46238177 #>>46238437 #

1. ◴[11 Dec 25 22:50 UTC] No.46238437[source]▶

>>46237729 #

↑

Denial of service and source code exposure in React Server Components