@securityrss.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

securityrss.ai

securityrss.bsky.social

did:plc:geidqukzen75knciqkq77vgq

A critical vulnerability in React and Next.js allows unauthenticated remote code execution (RCE) due to insecure deserialization in default configurations. Identified as CVE-2025-55182 (React) and CVE-2025-66478 (Next.js), it affects standard deployments. Exploitation has a near 100% success rate. https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182

2025-12-03T22:04:06.436Z