Categories: Cyber Security News

644,000+ Domains at Risk Due to Critical React Server Components Flaw

A critical security vulnerability in React Server Components has left more than 644,000 domains and 165,000 IP addresses exposed to remote code execution attacks, according to updated scan data released by the Shadowserver Foundation on December 8, 2025.

Massive Internet-Wide Exposure Discovered

The vulnerability, tracked as CVE-2025-55182, was identified through an enhanced scan that revealed a large number of vulnerable systems across the internet.

The Shadowserver Foundation reported significant improvements in its scanning methodology, resulting in the discovery of numerous exposed systems.

The collaborative effort involved security research organizations Validin LLC and LeakIX, who worked alongside Shadowserver to identify and track the vulnerable installations.

The real-time statistics dashboard shows that the exposure affects a substantial portion of web infrastructure using React Server Components in production environments.

According to the React development team, CVE-2025-55182 represents an unauthenticated remote code execution vulnerability in React Server Components.

https://twitter.com/Shadowserver/status/1998427695982739671?ref_src=twsrc%5Etfw

This type of vulnerability is among the most severe security issues, as it allows attackers to execute arbitrary code on affected systems without requiring authentication credentials.

The React team has classified this as a critical security issue and has released emergency patches to address the vulnerability.

Fixed versions are now available in React 19.0.1, 19.1.2, and 19.2.1. The development team strongly recommends that all users running affected versions upgrade immediately to a patched release.

The severity of CVE-2025-55182 has prompted the Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities Catalog.

This designation indicates that the vulnerability is actively being exploited in the wild or poses a significant risk to federal enterprises and critical infrastructure.

Find this Story Interesting! Follow us on Google News, LinkedIn and X to Get More Instant Update

The post 644,000+ Domains at Risk Due to Critical React Server Components Flaw appeared first on Cyber Security News.

Over 644,000 Domains Exposed to Critical React Server Components Vulnerability

The Shadowserver Foundation has released alarming new data regarding the exposure of web applications to CVE-2025-55182, a critical vulnerability affecting React Server Components. Following significant improvements to their scanning methodologies, researchers have identified a massive attack surface comprising over 165,000 unique IP addresses and more than 644,000 domains hosting vulnerable…

December 10, 2025

In "Cyber Security News"

Over 511,000 End-of-Life Microsoft IIS Servers Exposed Online

Security researchers have uncovered a massive global security risk involving outdated Microsoft Internet Information Services (IIS) servers. According to new findings from The Shadowserver Foundation, more than 511,000 internet-facing IIS instances are currently running versions that have reached end-of-life (EOL), exposing organizations to serious cyber threats. The scale of the…

March 23, 2026

In "Cyber Security News"

511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now!

A massive attack surface involving outdated Microsoft Internet Information Services (IIS) servers. During Shadowserver’s daily network scans on March 23, 2026, researchers identified over 511,000 End-of-Life (EOL) IIS instances actively connected to the internet. This widespread exposure presents a serious security risk for organizations worldwide, as these obsolete servers no…

March 24, 2026

In "Cyber Security News"

rssfeeds-admin