
Detecting React2Shell: The maximum-severity RCE vulnerability affecting React Server Components and Next.js

ID: 8b0146c3-9ed3-57b1-8035-3529fe739e0e

STIX ID: report--8b0146c3-9ed3-57b1-8035-3529fe739e0e

Feed Name: Sysdig Blog

Threat Score
90/100

Date Published: 2025-12-05

Date Updated: 2026-05-01


React2Shell (CVE-2025-55182) is a critical unauthenticated remote code execution vulnerability in React Server Components, tracked downstream in Next.js as CVE-2025-66478. A crafted HTTP request to an affected server is enough to run arbitrary code on it; a public proof of concept exists, and researchers report near-100% exploitation success against default configurations. The report lists the affected packages and frameworks, gives a technical analysis, and supplies runtime detection (a Falco rule), WAF protections, and remediation guidance. Its recommendation is to patch immediately to the fixed versions and, where patching is not yet possible, to deploy the runtime detections in the meantime.
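The rule below is an added example of the kind of runtime detection the report describes; it is not the Sysdig report's own Falco rule. It flags the behaviour a command-execution payload produces on the server, a shell launched with a Node.js process as its parent. The process-name lists and tags are assumptions and should be adjusted to the images actually deployed.

```yaml
# Added example, not the rule from the Sysdig report. Detects the
# post-exploitation footprint of React2Shell (CVE-2025-55182 / CVE-2025-66478):
# a Node.js server process spawning a shell. Process names are assumptions.
- macro: spawned_process
  condition: evt.type in (execve, execveat) and evt.dir=<

# Assumption: the React Server Components / Next.js server runs as "node".
# Extend this list if your image ships the runtime under another name.
- list: node_server_binaries
  items: [node, nodejs]

- list: shell_binaries
  items: [sh, bash, dash, ash, zsh]

- rule: Shell Spawned by Node.js Server Process
  desc: >
    A shell was executed with a Node.js process as its parent. A production
    React Server Components / Next.js server has no legitimate reason to do
    this, so it is a strong signal of command execution after exploitation of
    CVE-2025-55182 / CVE-2025-66478.
  condition: >
    spawned_process and
    proc.pname in (node_server_binaries) and
    proc.name in (shell_binaries)
  output: >
    Shell spawned by Node.js process
    (parent=%proc.pname cmdline=%proc.cmdline user=%user.name
    container=%container.name image=%container.image.repository)
  priority: CRITICAL
  tags: [container, host, process, react2shell]
```

Load it with `falco -r react2shell.yaml` or drop the file into Falco's rules directory. Two caveats apply. First, the rule only sees payloads that spawn a shell; a payload that stays inside the Node.js process (reading files or opening sockets through Node's own APIs) never triggers it, so it complements patching rather than replacing it. Second, build and development tooling (npm scripts, dev servers) legitimately spawns shells from node, so scope the rule to production workloads or add an exception list for known parents before relying on it for alerting.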
