InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

React2Shell exploitation continues to escalate, posing 'significant risk'

In early December, the React team published a security advisory detailing a pre-authentication bug in multiple versions of ...
GitHub

TI Connect CE Browser

In most schools nowadays, students use chromebooks. These chromebooks are usually locked down so you can't install games and other non-school related stuff. I believe this app should always have been ...
GitHub

agustinusnathaniel/nextarter-tailwind-daisy

with next-seo and next-sitemap. you'll need to reconfigure or tinker with it to get it right according to your needs, but it's there if you need it.
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...