Chinese Hackers Exploit Critical React Vulnerability Hours After Disclosure

"React2Shell" vulnerability in React earns perfect CVSS score; Chinese groups attack. Update to latest patch now to avoid exploitation.

By Content Team

Dec 6, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A devastating vulnerability in React's JavaScript library, dubbed "React2Shell," earned a perfect 10 CVSS severity score and is already under attack by Chinese state-backed groups. CVE-2025-55182 allows unauthenticated remote code execution in React Server Components versions 19.0.0 through 19.2.0.

Amazon's security team spotted exploitation attempts within hours of the December 3rd disclosure, with Earth Lamia and Jackpot Panda among the attackers. The groups are using automated scanning tools and simultaneously targeting other recent vulnerabilities in broad campaigns.

Patches are available for React versions 19.0.1, 19.1.2, and 19.2.1. Organizations should update immediately, as working proof-of-concept exploits are circulating publicly and broader exploitation is expected.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

EmEditor Hit by Supply Chain Attack Delivering Infostealer Malware

Dec 29, 2025

Cisco Hit by Dual Cyberattacks: China-Linked APT and Massive VPN Brute Force Campaign

Dec 20, 2025

UK Security Agency Warns of Severe Cyber Threats to Critical Infrastructure

Feb 11, 2026

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

Nov 24, 2025