In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security researchers probing the fixes for the previous week’s critical RSC vulnerability, known as “React2Shell”. The React team identified these as a high-severity DoS (CVSS 7.5) and a medium-se... https://kratikal.com/blog/denial-of-service-and-source-code-exposure-in-react-server-components/?utm_source=bsbm&utm_medium=fellowfavorite