React2Shell exploitation continues to escalate, posing 'significant risk'
techradar.com
- React2Shell (CVE‑2025‑55182) exploited to compromise hundreds of systems worldwide
- China‑linked groups and North Korea abuse flaw for persistence, espionage, and cryptomining
- Patch immediately to React versions 19.0.1, 19.1.2, or 19.2.1
React2Shell, a critical-severity vulnerability in React Server Components (RSC), has already been used to compromise “several hundred machines across a diverse set of organizations”.
This is according to Microsoft, whose latest blog post discusses the vulnerability and how to defend against incoming attacks.
In early December, the React team published a security advisory detailing a pre-authentication bug in multiple versions of multiple packages, affecting RSC. The bug, now dubbed “React2Shell”, is tracked as CVE-2025-55182 and has been given a severity score of 10/10 (critical).



