React2Shell (CVE-2025-55182) is a critical RCE vulnerability in React Server Components (CVSS 10.0). Unauthenticated attackers can execute arbitrary code on servers via malicious RSC payloads. Affects Next.js 15.0.0-16.0.6 & 2.15M+ exposed services. PoCs public since Dec 4. IMMEDIATE PATCHING REQUIRED.
Anıl Soylu
On December 3, 2025, the React Core Team disclosed one of the most severe vulnerabilities to ever impact the modern web development ecosystem. Dubbed React2Shell and tracked as CVE-2025-55182, this critical remote code execution (RCE) flaw affects React Server Components (RSC) and all frameworks built upon this technology, including Next.js, React Router, Waku, and Parcel RSC plugins. With a CVSS score of 10.0—the maximum severity rating—and proof-of-concept exploits already publicly available, this vulnerability demands immediate attention from development teams worldwide.
React2Shell is a deserialization vulnerability in the React Server Components "Flight" protocol, the serialization format that enables communication between React servers and clients. The flaw stems from inadequate validation of incoming HTTP request payloads sent to Server Function endpoints, allowing attackers to execute arbitrary code on application servers without any authentication requirements.
The vulnerability was discovered by security researcher Lachlan Davidson, who responsibly disclosed it to the Meta Security Team on November 29, 2025. Rather than remaining hidden, proof-of-concept (PoC) exploits became publicly available by December 4, 2025, triggering an immediate global security alert.
The vulnerability exists in the unsafe handling of serialized payloads within the React Server Components implementation. Specifically, the vulnerable code accesses module exports without properly validating property ownership through hasOwnProperty checks. This oversight creates a prototype pollution vulnerability that allows attackers to access and invoke dangerous Node.js built-in modules directly.
When a server processes an RSC payload, it deserializes the data without sufficient input validation. This opens a door for attackers to reference internal Node.js modules such as:
child_process: Enables execution of arbitrary system commands
fs: Allows reading and writing files on the server
vm: Permits execution of arbitrary JavaScript code within the server context
An attacker needs only to craft a specially formatted JSON payload and send it as an HTTP POST request to any exposed Server Function endpoint. The server will then deserialize and execute the payload, giving the attacker complete control over the application server.
React2Shell impacts the following packages across React version 19 releases:
Package | Vulnerable Versions |
| 19.0.0, 19.1.0, 19.1.1, 19.2.0 |
| 19.0.0, 19.1.0, 19.1.1, 19.2.0 |
| 19.0.0, 19.1.0, 19.1.1, 19.2.0 |
Any framework or tool implementing React Server Components is vulnerable, including:
Next.js
15.0.0 through 16.0.6
React Router
RSC preview
Waku
framework
Parcel
RSC plugin
Vite
RSC plugin
RedwoodSDK
The vulnerability poses an enormous threat to the global web infrastructure. Research indicates that approximately 39% of all cloud environments contain instances of Next.js or React running vulnerable versions. Additionally, 44% of cloud environments host publicly exposed Next.js instances, creating an immense attack surface for threat actors. Conservative estimates suggest that over 2.15 million internet-exposed services are currently at risk.
A particularly concerning aspect of this vulnerability is that standard Next.js applications created with create-next-app are vulnerable without requiring any code modifications. The vulnerability doesn't depend on explicit developer configuration—simply using React Server Components automatically exposes an application to attack. This means organizations may unknowingly be running vulnerable applications in production.
Even applications that don't explicitly implement Server Functions could still be vulnerable if they support React Server Components, as attackers only need access to any RSC endpoint to launch an attack.
The attack is straightforward and doesn't require authentication:
Reconnaissance
: The attacker identifies a React Server Component endpoint on the target application
Payload Crafting
: They create a malicious serialized JSON payload referencing dangerous Node.js modules
Delivery
: The attacker sends an HTTP POST request to the RSC endpoint containing the payload
Execution
: The server deserializes the payload without proper validation
Compromise
: The attacker achieves remote code execution on the server
A simplified attack payload might reference the child_process module to execute a shell command:
{ "id": "child_process#execSync", "bound": ["whoami"] }
This would execute the whoami command on the server and return the result. More sophisticated payloads can:
Read sensitive files
: Using
fs#readFileSync
to access configuration files, credentials, or source code
Write to the filesystem
: Using
fs#writeFileSync
to modify files or create backdoors
Establish persistence
: Modifying files like
~/.ssh/authorized_keys
to maintain long-term access
Execute arbitrary code
: Using
vm#runInThisContext
for JavaScript execution within the server process
Organizations should monitor their systems for these indicators of compromise:
Suspicious POST requests
to RSC endpoints containing payloads with
$ACTION_REF_0, module references (
child_process,
vm,
fs), or similar attack patterns
Unexpected execution
of Node.js modules or system commands spawned by the server process
File modifications
in sensitive locations like
~/.ssh/,
/tmp/, or configuration directories
Unusual network activity
or outbound connections originating from compromised servers
Function timeouts
or performance degradation (though these are not reliable indicators alone, as attackers can craft payloads that complete successfully)
Organizations using affected versions must take immediate action. Simply implementing Web Application Firewall (WAF) rules is insufficient and should not be relied upon as a complete solution. Upgrading to patched versions is the only fully secure remediation.
Update to the following patched versions or later:
Framework/Package | Patched Version |
React | 19.0.1, 19.1.2, 19.2.1 |
Next.js 15.0.x | 15.0.5 |
Next.js 15.1.x | 15.1.9 |
Next.js 15.2.x | 15.2.6 |
Next.js 15.3.x | 15.3.6 |
Next.js 15.4.x | 15.4.8 |
Next.js 15.5.x | 15.5.7 |
Next.js 16.0.x | 16.0.7 |
Next.js 14 Canaries | Downgrade to 14.3.0-canary.76 |
Next.js 15 Canaries | 15.6.0-canary.58 or later |
Next.js 16 Canaries | 16.1.0-canary.12 or later |
To determine your current Next.js or React version:
In the browser console
: Execute
next.version
(for Next.js) to see the deployed version
In your project
: Check the
package.json
file and look for the
"next"
or
"react"
dependency
Test in development
: Update your dependencies to patched versions in a development environment first
Validate functionality
: Run your entire test suite to ensure compatibility
Deploy to staging
: Deploy the updated version to a staging environment for additional validation
Production deployment
: Roll out updates to production as soon as validation is complete
Log monitoring
: Review application logs for any suspicious activity post-deployment
While patching is the primary mitigation:
Network isolation
: Restrict network access to RSC endpoints where possible, implementing strict firewall rules
Input validation
: Even after patching, implementing additional server-side validation for RSC payloads provides defense-in-depth protection
Log monitoring
: Actively monitor server logs for indicators of compromise
WAF rules
: While not sufficient alone, configuring Web Application Firewall rules to block known exploit patterns provides an additional layer of defense
Incident response
: Prepare and test incident response procedures for potential compromise
For applications hosted on Vercel, the platform has implemented automatic protection through WAF rules that filter and block known exploit patterns at no additional cost. However, Vercel strongly recommends upgrading to patched versions regardless, as WAF rules cannot guarantee 100% protection against all possible exploit variants.
Vercel also provides a dashboard banner for customers informing them if their production deployment contains vulnerable versions of next, react-server-dom-webpack, react-server-dom-parcel, or react-server-dom-turbopack. This serves as an additional layer of defense but should not replace direct version verification.
Organizations should avoid using publicly available exploits against production environments. Instead:
Verify patch versions
: Directly confirm that all deployments use patched versions through version checks
Sandboxed testing
: If additional verification is required, test in a completely isolated environment with synthetic data only
Log analysis
: Review existing logs for suspicious activity rather than attempting active exploitation
Rather than attempting to exploit the vulnerability, focus on validation:
Verify that all Server Function endpoints respond only to valid, authenticated requests
Monitor and analyze POST request logs for unusual patterns
Verify that Node.js module execution is restricted to intended functionality only
Test that file system access is limited to necessary directories
React2Shell highlights a critical supply chain risk in the modern JavaScript ecosystem. A vulnerability in a core library like React Server Components can instantly affect millions of downstream applications. The speed at which this vulnerability was disclosed, weaponized, and exploited demonstrates the urgency developers face when critical flaws emerge in widely-used dependencies.
The response from major technology companies and security organizations has been swift:
Meta
and the React Core Team coordinated an immediate response with the security community
Vercel
deployed WAF protections globally and coordinated with major CDN and WAF providers
Security vendors
like Wiz, Rapid7, and others have released comprehensive guidance
Cloud providers
have implemented protective measures and issued alerts
This vulnerability underscores why organizations must:
Maintain efficient update pipelines for critical dependencies
Establish clear procedures for handling security vulnerabilities
Monitor security advisories from core dependencies
Balance the need for stability with the urgency of security patching
Monitor official security advisories
: The React security advisory and Vercel's guidance are authoritative sources for this vulnerability
Don't delay security updates
: While thorough testing is important, critical vulnerabilities like this demand rapid deployment
Verify mitigations work
: Understand that WAF rules and other defensive measures supplement but don't replace patching
Maintain vulnerability tracking
: Use tools and processes that track security advisories for your dependencies
Communicate with stakeholders
: Leadership and non-technical teams need to understand the severity and urgency of security issues
While this vulnerability is specific to React Server Components, the underlying lesson applies broadly:
Implement
secure coding practices
that emphasize input validation and avoid unsafe deserialization
Use
dependency scanning tools
that automatically alert you to known vulnerabilities
Establish
security review processes
for high-risk libraries
Consider
architectural decisions
that limit the blast radius if a dependency is compromised
React2Shell (CVE-2025-55182) represents one of the most critical vulnerabilities in modern web development history. Its combination of maximum severity, ease of exploitation, and widespread impact demands immediate action from development teams. However, the good news is that patches are available, and the upgrade process, while urgent, is straightforward for most organizations.
The time to act is now. Organizations using React Server Components or Next.js must:
Identify all affected deployments
Update to patched versions immediately
Redeploy applications
Monitor for indicators of compromise
Review logs for suspicious activity
The React and JavaScript communities have responded rapidly with patches, guidance, and protective infrastructure. By following official recommendations and prioritizing patching, development teams can mitigate this critical risk and protect their applications and users from compromise.
React Security Advisory
: Official guidance from the React Core Team
Vercel Blog
: Comprehensive mitigation guidance and FAQ
Vercel Changelog
: Technical details about CVE-2025-55182
Wiz Research
: In-depth technical analysis and impact assessment
React2Shell Official Website
: Updates and technical documentation from security researcher Lachlan Davidson
Last Updated: December 7, 2025
This article is based on official security advisories from Meta, the React Core Team, and Vercel. All information reflects the current state of knowledge as of December 7, 2025. Readers should check official sources for the latest updates and guidance.