窓の杜

「React」「Next.js」に重大なリモートコード実行の脆弱性、CVSSの基本 ...

UIライブラリ「React」(React.js)および「Next.js」で、認証なしにリモートコード実行が可能になる重大なセキュリティ脆弱性「CVE-2025-55182」が存在することが明らかになった。この脆弱性は「React2Shell」とも呼ばれており、CVSSの基本値は満点の「10.0」。
heise online

JavaScript Rising Stars 2025: AI platform n8n jumps to number 1

The current study JavaScript Rising Stars 2025 has been released. It measures the popularity of JavaScript projects based on new GitHub stars added within the last year. n8n leads this time by a wide ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
InfoQ

State of JavaScript 2025: Survey Reveals a Maturing Ecosystem with TypeScript Cementing ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...