Particle.news

Exploit Emerges for Critical React RCE as AWS Flags First Attacks

The CVE-2025-55182 flaw in React Server Components enables unauthenticated remote code execution via crafted HTTP requests.

Overview

  • Public exploit code is now circulating, and Amazon Web Services (AWS) reports the first in-the-wild attacks while stating that its own services are not affected.
  • AWS attributes the activity to the China-aligned groups Earth Lamia and Jackpot Panda, which typically target government entities and energy-sector infrastructure.
  • Researchers at Wiz and Aikido trace the issue to unsafe deserialization of attacker-supplied payloads in React’s Flight protocol, the wire format React Server Components use between client and server; in their testing a single request was enough to trigger code execution.
  • The bug affects React 19.0.0, 19.1.0, 19.1.1 and 19.2.0 and the matching react-server-dom-webpack, react-server-dom-parcel and react-server-dom-turbopack packages, so frameworks that bundle those packages are exposed as well.
  • React has issued fixes in 19.0.1, 19.1.2 and 19.2.1; security teams urge immediate patching, and AWS has published indicators of compromise for defenders.
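The first thing a defender needs is to know whether a deployed application actually carries one of the affected packages, including copies nested under a framework rather than hoisted to the top level. The following is an added example written for this page; it is not code from the article, AWS, Wiz, Aikido or the React project. It audits an npm package-lock.json (lockfileVersion 2 or 3) against the affected and fixed versions listed above, and treats anything those lists do not cover (other version lines, canary or experimental tags) as needing manual review rather than passing it silently. The package name `some-framework` and the sample lockfile are constructed for the demonstration.

```javascript
// Added example, not code from the article or the React project: audit a
// package-lock.json (lockfileVersion 2 or 3) for installed copies of the
// React Server Components packages named in the advisory and classify each
// against the version lists in the article.

const RSC_PACKAGES = new Set([
  'react-server-dom-webpack',
  'react-server-dom-parcel',
  'react-server-dom-turbopack',
]);

// Affected releases and the patch that fixes each minor line (from the article).
const AFFECTED = new Set(['19.0.0', '19.1.0', '19.1.1', '19.2.0']);
const FIXED_FOR_MINOR = { '19.0': '19.0.1', '19.1': '19.1.2', '19.2': '19.2.1' };

// Parse "MAJOR.MINOR.PATCH" with an optional "-prerelease" suffix.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(String(v));
  if (!m) return null;
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] || null };
}

// Classify one installed package. Returns { status, fixIn }.
function classify(name, version) {
  if (!RSC_PACKAGES.has(name)) return { status: 'not-rsc', fixIn: null };
  const p = parseVersion(version);
  if (!p) return { status: 'unparseable', fixIn: null };
  const line = `${p.major}.${p.minor}`;
  const fixIn = FIXED_FOR_MINOR[line] || null;
  // Canary/experimental builds carry their own tags; the release table
  // does not apply to them, so hand them to a human.
  if (p.pre) return { status: 'prerelease-review', fixIn };
  if (AFFECTED.has(version)) return { status: 'affected', fixIn };
  if (fixIn && p.patch >= parseVersion(fixIn).patch) return { status: 'fixed', fixIn };
  return { status: 'outside-advisory', fixIn: null };
}

// Walk the lockfile's "packages" map. Keys look like "node_modules/foo" or
// "node_modules/bar/node_modules/foo"; the root project is the empty key.
// Nested copies matter: a framework can ship its own vulnerable copy even
// when the hoisted one has been patched.
function scanLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf('node_modules/');
    if (idx === -1) continue;
    const name = path.slice(idx + 'node_modules/'.length);
    const { status, fixIn } = classify(name, entry.version);
    if (status === 'not-rsc') continue;
    findings.push({ path, name, version: entry.version, status, fixIn });
  }
  return findings;
}

// For real use: scanLockfile(readLockfile('package-lock.json')).
function readLockfile(file) {
  const fs = require('fs');
  return JSON.parse(fs.readFileSync(file, 'utf8'));
}

// Constructed sample lockfile (not from any real project): a hoisted
// vulnerable copy, a patched copy nested under a hypothetical framework
// package, and a canary build that the table cannot judge.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app' },
    'node_modules/react': { version: '19.2.0' },
    'node_modules/react-server-dom-webpack': { version: '19.2.0' },
    'node_modules/some-framework': { version: '1.0.0' },
    'node_modules/some-framework/node_modules/react-server-dom-webpack': { version: '19.2.1' },
    'node_modules/react-server-dom-turbopack': { version: '19.2.0-canary-0000' },
  },
};

for (const f of scanLockfile(SAMPLE_LOCK)) {
  const fix = f.fixIn ? ` (fix: ${f.fixIn})` : '';
  console.log(`${f.status.padEnd(18)} ${f.path}@${f.version}${fix}`);
}
```

Run it against a real lockfile with `scanLockfile(readLockfile('package-lock.json'))`. Two caveats: the check covers npm lockfiles only (pnpm and yarn use different formats), and a clean lockfile says nothing about a container image or serverless bundle that was built from an older one, so the same check belongs in the build pipeline or against the deployed artifact, not just the repository.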