React2Shell and Updating My Personal Website

Magnús Smári Smárason·December 9, 2025

React2Shell Next.js Security Vulnerability Website Update

React2Shell vulnerability highlights the need for vigilance. Here's how I updated my Next.js site to stay secure.

React2Shell and Security Update for smarason.is

A critical security vulnerability has been discovered in React Server Components and Next.js, known as React2Shell (CVE-2025-55182). This vulnerability has received the highest possible risk score, a CVSS 10 out of 10, indicating just how dangerous it is.

What is React2Shell?

In short, React2Shell is a vulnerability that allows unauthorized parties to execute code on servers (Remote Code Execution) by exploiting insecure data handling. This is particularly dangerous as attackers do not require authentication or a login to cause damage.

Update on smarason.is

My website, smarason.is, runs on Next.js and has already been updated to address this threat.

It is crucial to keep all dependencies updated to ensure security. If you have any doubts about the importance of this, feel free to ask me what happens when things are neglected. Let's just say your website can suddenly transform into an Eastern European casino... and I speak from hard-earned experience!

The Importance of Updates

Regular software updates are key to website security. I encourage all site administrators to review their websites and ensure that the latest security patches are installed.

View all articles →

Blog

Society & Technology

Is the “Sjalli-Kiss” Dead? – Daring to Be Present in the Age of AI

The Sjalli-Kiss is a symbol of the freedom to make mistakes. In an age of surveillance culture and AI — are we truly living?

4 days ago

Conceptual image of scales of justice balanced against a glowing AI interface

Blog

When AI Becomes Judge (Part 2): The Double Standard: When AI Judges Students

If it is considered administrative malpractice to use Claude to judge the contribution of scholars, why is it considered "academic integrity" to use Turnitin to judge the originality of a student?

28 days ago

The judge’s gavel, powered by information from the web of large language models

Blog

When AI Becomes Judge: A Lesson Iceland Cannot Afford to Miss

A recent incident in Iceland reveals dangerous flaws when AI like Claude assesses human contribution without understanding. AI is powerful but shouldn't judge careers. The article is based entirely on public media coverage and does not assume that all facts of the case are fully known.

about 1 month ago

React2Shell and Security Update for smarason.is

Related Articles

Is the “Sjalli-Kiss” Dead? – Daring to Be Present in the Age of AI

When AI Becomes Judge (Part 2): The Double Standard: When AI Judges Students

When AI Becomes Judge: A Lesson Iceland Cannot Afford to Miss