react

Security Risk Profile

100

/100

critical

Security Risk Score

Comprehensive risk assessment based on 4 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from December 3, 2025 to present

Total CVEs

Critical+High

Exploited

Unpatched

Threat Assessment

Avg CVSS

Base severity

Avg EPSS

Exploit probability

Unpatched

Critical/High

Risk Level

100/100

critical

⚠️ 2 Active Exploits

Severity Distribution

Critical

High

Medium

Low

Exploit Likelihood

>50% chance

20-50%

5-20%

<5%

Age Distribution

Common Weaknesses (CWE)

No CWE data available

Most Affected Products

1. Vercel Next.js Node.js78

2. Facebook React4

3. npm/react-server-dom-webpack3

4. npm/react-server-dom-parcel3

5. npm/react-server-dom-turbopack3

Recent Vulnerabilities

See more →

https://reddit.com/r/cybersecurity/comments/1ptwmmd/react2shell_ransomware_weaxor_deployed_on/

unknown

React2Shell ransomware: Weaxor deployed on vulnerable server

12/23/2025🔧 No Patch

https://www.bleepingcomputer.com/news/security/react2shell-flaw-exploited-to-breach-30-orgs-77k-ip-addresses-vulnerable/

unknown

React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable

12/6/2025⚠ Exploited🔧 No Patch

https://www.bleepingcomputer.com/news/security/critical-react2shell-flaw-in-react-nextjs-lets-hackers-run-javascript-code/

unknown

Critical React, Next.js flaw lets hackers execute code on servers

12/4/2025🔧 No Patch

CVE-2025-55182

CVSS 10.0critical

Meta React Server Components Remote Code Execution Vulnerability

12/3/2025⚠ Exploited

Monitor react in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free Trial Book a Demo

react

Security Risk Score

Threat Assessment

Severity Distribution

Exploit Likelihood

Age Distribution

Common Weaknesses (CWE)

Most Affected Products

Recent Vulnerabilities

Monitor react in Real-Time

Monitor Your Software Stack in Real-Time