Critical RCE Vulnerabilities Discovered in React & Next.js (www.wiz.io)
from cm0002@lemmings.world to programming@programming.dev on 04 Dec 2025 07:09
https://lemmings.world/post/37864708

#programming

threaded - newest

30p87@feddit.org on 04 Dec 2025 07:13 next collapse

lol

FizzyOrange@programming.dev on 04 Dec 2025 07:54 next collapse

in the react-server package used by React Server Components (RSC).

vinnymac@lemmy.world on 04 Dec 2025 08:00 next collapse

In case anyone wants to skip the weird ai content blog

Here is the source: react.dev/…/critical-security-vulnerability-in-re…

BlueBockser@programming.dev on 04 Dec 2025 09:59 collapse

I’m not sure I’d classify wiz as a “weird AI content blog”, but I agree that it’s good to get the information straight from the horse’s mouth.

vinnymac@lemmy.world on 04 Dec 2025 13:32 collapse

I described it that way because the content morphed several times moments after the blog post went up, and appeared fully automated.

Perhaps a human reviewed it and updated it after the fact, but I’d be shocked if the original post I saw wasn’t an LLM.

MonkderVierte@lemmy.zip on 04 Dec 2025 10:42 collapse

Nothing new.