Our React starter kit provides a robust, modern starting point for building Laravel applications with a React frontend using Inertia. Inertia allows you to build modern, single-page React applications ...

A critical vulnerability in React Server Components is being actively exploited by multiple threat groups, putting thousands of websites — including crypto platforms — at immediate risk with users ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could result in denial-of-service (DoS) or source code exposure. The team ...

An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. An increasing number of threat actors have been attempting to exploit the ...

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting urgent warnings across the tech industry. The bug — dubbed “React2Shell” — ...

Cloudflare’s network suffered a brief but widespread outage Friday, after an update to its Web Application Firewall to mitigate a vulnerability in React Server Components went wrong. At 9:09 a.m. UTC, ...

Facepalm: A widely used web technology is affected by a serious security vulnerability that can be exploited with minimal effort to compromise servers. Known as "React2Shell," the flaw may require ...

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.