Cloudflare has implemented new WAF rules to protect against a Remote Code Execution vulnerability affecting specific React versions and Next.js. All customers are automatically shielded as long as their traffic is routed through Cloudflare, but updating to React 19.2.1 and the latest Next.js versions is still recommended. Cloudflare's security team will monitor for potential attacks and adjust protections as needed.

Cloudflare experienced a widespread outage due to an update to its Web Application Firewall meant to address a vulnerability in React Server Components. The fix caused issues for various enterprise and consumer services, highlighting the risks of relying on single service providers.

The article details the rapid exploitation attempts of the React2Shell vulnerability (CVE-2025-55182) following its disclosure on December 3, 2025. Threat actors quickly utilized various tools to scan for and exploit vulnerable React Server Components across multiple regions, targeting significant organizations and critical infrastructure. It also mentions two other related vulnerabilities and Cloudflare's response to mitigate these risks.