In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues Denial-of-Service and Source Code Exposure were found by security researchers probing the fixes for the previous week’s critical RSC vulnerability, known as “React2Shell”. While these newly discovered bugs do not enable Remote Code Execution, meaning…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/12/denial-of-service-and-source-code-exposure-in-react-server-components/
