By rssfeeds-admin Massive Internet-Wide Exposure Discovered
The vulnerability, tracked as CVE-2025-55182, was identified through an enhanced scan that revealed a large number of vulnerable systems across the internet.
The Shadowserver Foundation reported significant improvements in its scanning methodology, resulting in the discovery of numerous exposed systems.
The collaborative effort involved security research organizations Validin LLC and LeakIX, who worked alongside Shadowserver to identify and track the vulnerable installations.
The real-time statistics dashboard shows that the exposure affects a substantial portion of web infrastructure using React Server Components in production environments.
According to the React development team, CVE-2025-55182 represents an unauthenticated remote code execution vulnerability in React Server Components.
This type of vulnerability is among the most severe security issues, as it allows attackers to execute arbitrary code on affected systems without requiring authentication credentials.
The React team has classified this as a critical security issue and has released emergency patches to address the vulnerability.
Fixed versions are now available in React 19.0.1, 19.1.2, and 19.2.1. The development team strongly recommends that all users running affected versions upgrade immediately to a patched release.
The severity of CVE-2025-55182 has prompted the Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities Catalog.
This designation indicates that the vulnerability is actively being exploited in the wild or poses a significant risk to federal enterprises and critical infrastructure.
Find this Story Interesting! Follow us on Google News, LinkedIn and X to Get More Instant Update
The post 644,000+ Domains at Risk Due to Critical React Server Components Flaw appeared first on Cyber Security News.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.