Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
ID: e2301393-1603-5b5a-818c-f1de9ade50c5
STIX ID: report--e2301393-1603-5b5a-818c-f1de9ade50c5
Feed Name: Security Ledger
React2Shell (CVE-2025-55182) is a critical unauthenticated RCE in React Server Components caused by a validation/deserialization flaw in the Flight protocol; public PoCs and reported scanning/exploitation have prompted inclusion in CISA’s KEV and vendor patches (react-server-dom-* >= 19.0.1/19.1.2/19.2.1). The report analyzes detection challenges, notes approximately 109,000–110,000 RSC-enabled assets in the U.S. based on header fingerprints, describes observed attacker scanning and exploitation activity, and recommends immediate package and framework updates, access restrictions, and proactive monitoring.
