React2Shell and Updating My Personal Website

Magnús Smári Smárason·December 9, 2025

React2Shell Next.js Security Vulnerability Website Update

React2Shell vulnerability highlights the need for vigilance. Here's how I updated my Next.js site to stay secure.

React2Shell and Security Update for smarason.is

A critical security vulnerability has been discovered in React Server Components and Next.js, known as React2Shell (CVE-2025-55182). This vulnerability has received the highest possible risk score, a CVSS 10 out of 10, indicating just how dangerous it is.

What is React2Shell?

In short, React2Shell is a vulnerability that allows unauthorized parties to execute code on servers (Remote Code Execution) by exploiting insecure data handling. This is particularly dangerous as attackers do not require authentication or a login to cause damage.

Update on smarason.is

My website, smarason.is, runs on Next.js and has already been updated to address this threat.

It is crucial to keep all dependencies updated to ensure security. If you have any doubts about the importance of this, feel free to ask me what happens when things are neglected. Let's just say your website can suddenly transform into an Eastern European casino... and I speak from hard-earned experience!

The Importance of Updates

Regular software updates are key to website security. I encourage all site administrators to review their websites and ensure that the latest security patches are installed.

View all articles →

Psychedelic surreal cosmic library scene with three glowing figures reading ancient books in a colorful dreamlike universe full of galaxies, rainbows, floating planets, and mystical symbols.

Blog

Don't Tell Them What Should Be Hard

Generative AI is not something we glide smoothly back into our previous normal lives with. Things that used to be hard simply aren't anymore.

11 days ago

Blog

Society & Technology

Is the “Sjalli-Kiss” Dead? – Daring to Be Present in the Age of AI

The Sjalli-Kiss is a symbol of the freedom to make mistakes. In an age of surveillance culture and AI — are we truly living?

26 days ago

Conceptual image of scales of justice balanced against a glowing AI interface

Blog

When AI Becomes Judge (Part 2): The Double Standard: When AI Judges Students

If it is considered administrative malpractice to use Claude to judge the contribution of scholars, why is it considered "academic integrity" to use Turnitin to judge the originality of a student?

about 2 months ago

React2Shell and Security Update for smarason.is

Related Articles

Don't Tell Them What Should Be Hard

Is the “Sjalli-Kiss” Dead? – Daring to Be Present in the Age of AI

When AI Becomes Judge (Part 2): The Double Standard: When AI Judges Students