Aqua Blog

Critical CVE in React Server Components Actively Exploited


A newly disclosed vulnerability in React Server Components (RSC), tracked as CVE-2025-55182 and also known as React2Shell, has introduced a severe remote code execution (RCE) vector affecting applications built with React 19 and frameworks that rely heavily on RSC, most notably Next.js.

The flaw received a CVSS score of 10.0, reflecting its ease of exploitation, massive ecosystem footprint, and the threat of complete server takeover.

The vulnerability was weaponized quickly, and its severity escalated once multiple threat-intelligence teams observed active exploitation by China-nexus cyber groups, mass-scanning botnets, and opportunistic attackers, making it one of the most consequential web-framework vulnerabilities in recent years.

The Aqua Nautilus team has deployed dozens of honeypots designed to capture, analyze, and explain real-world attacks as they occur in the wild.

Affected Versions

React

Vulnerable versions: 19.0.0 – 19.2.0
Patched versions: 19.0.1, 19.1.2, 19.2.1

Next.js

All versions integrating vulnerable RSC
Patched versions: 15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7, 16.0.7

Because Next.js integrates RSC deeply, the vulnerability propagated directly into server-side rendering, data fetching APIs, route handlers, and other core features.

Vulnerability Root Cause

At its core, CVE-2025-55182 is an insecure deserialization flaw. React Server Components expect structured metadata from the client; however, vulnerable versions trust this attacker-controlled input without proper validation or type safety.

This enables an attacker to send a single malicious HTTP request that:

  • Injects unexpected or malicious object types into the RSC deserializer
  • Abuses React’s internal execution pipeline
  • Executes arbitrary server-side code
  • Achieves full remote compromise without authentication

The flaw is especially dangerous because the RSC deserializer runs deep within the React server runtime. A bypass at this layer means complete application control, including OS-level access in many deployments.

Active Exploitation: What We Are Seeing in the Wild

Multiple intelligence sources confirm rapid weaponization:

  1. AWS Security: China-Nexus Threat Groups Actively Exploiting React2Shell. AWS reported that state-aligned operators began scanning and exploiting the bug within hours of disclosure, leveraging public PoCs to gain persistence and server footholds. For more information, please visit the AWS Blog.
  2. GreyNoise: Massive Opportunistic Scanning. GreyNoise observed widespread botnet activity, opportunistic RCE attempts, and automated exploitation infrastructure, indicating that this flaw is not limited to targeted campaigns. For more information, please visit the GreyNoise Blog.

What attackers attempt post-exploitation

Based on field observations, adversaries typically:

  • Drop remote shells
  • Deploy cryptominers
  • Attempt credential harvesting from environment variables
  • Manipulate file systems or inject persistence
  • Weaponize the application layer for lateral movement

This aligns with how cloud native RCE vulnerabilities have been exploited in previous campaigns targeting Docker, Kubernetes, CI/CD integrations, and public cloud environments.

Why React2Shell Is a Critical Infrastructure-Level Risk

CVE-2025-55182 is not “just a framework bug.” It has the four characteristics that define a catastrophic web-layer vulnerability:

1. Zero authentication needed: Any internet-facing server can be compromised with one HTTP request.
2. Default installations are vulnerable: Millions of developers unknowingly deploy RSC-backed applications without additional hardening.
3. Full server takeover: Successful exploitation allows attackers to:

  • Execute arbitrary code
  • Steal secrets and tokens from environment variables
  • Access databases
  • Modify the filesystem
  • Install persistence
  • Launch further attacks into the supply chain

4. Massive ecosystem impact: React and Next.js are used by millions of developers and organizations worldwide. The speed of exploitation mirrors historic incidents such as Log4Shell, Spring4Shell, and the MOVEit campaigns.

How Aqua Can Help

Aqua provides multiple layers of protection against this class of supply chain and code-execution vulnerabilities:

Aqua Scanning

  • CI/CD image scanning, code scanning, and agentless workload scanning detect vulnerable React/RSC packages and their transitive dependencies.
  • The vulnerability will be surfaced in your Assurance Policies, Vulnerability Reports, and Risk Views.

Aqua Runtime Protection

If you use Aqua Enforcers or Runtime policies, these controls can block:

  • Execution of unapproved packages
  • Attempted code injection behaviors
  • Suspicious or non-compliant runtime activity

This provides mitigation even before patching.

How to Mitigate

We recommend the following actions:

1. Review all dependencies, including transitive npm dependencies, for affected versions of React and related packages.
2. Rescan all images (or allow the nightly scan) to identify non-compliant assets.
3. Upgrade to patched versions as they become available from the React community.
4. Use Aqua scanning (CI/CD, code scanning, agentless, and runtime) to identify vulnerable artifacts across your pipelines and workloads.
5. Update Assurance Policies to mark vulnerable packages and builds as non-compliant.
6. Apply runtime controls to block non-compliant code paths or suspicious behaviors.


Aqua Nautilus
Aqua research team Nautilus focuses on cybersecurity research of the cloud native stack. Its mission is to uncover new vulnerabilities, threats and attacks that target containers, Kubernetes, serverless, and public cloud infrastructure — enabling new methods and tools to address them.