React2Shell and Updating My Personal Website

Magnús Smári Smárason·December 9, 2025

React2Shell Next.js Security Vulnerability Website Update

React2Shell vulnerability highlights the need for vigilance. Here's how I updated my Next.js site to stay secure.

React2Shell and Security Update for smarason.is

A critical security vulnerability has been discovered in React Server Components and Next.js, known as React2Shell (CVE-2025-55182). This vulnerability has received the highest possible risk score, a CVSS 10 out of 10, indicating just how dangerous it is.

What is React2Shell?

In short, React2Shell is a vulnerability that allows unauthorized parties to execute code on servers (Remote Code Execution) by exploiting insecure data handling. This is particularly dangerous as attackers do not require authentication or a login to cause damage.

Update on smarason.is

My website, smarason.is, runs on Next.js and has already been updated to address this threat.

It is crucial to keep all dependencies updated to ensure security. If you have any doubts about the importance of this, feel free to ask me what happens when things are neglected. Let's just say your website can suddenly transform into an Eastern European casino... and I speak from hard-earned experience!

The Importance of Updates

Regular software updates are key to website security. I encourage all site administrators to review their websites and ensure that the latest security patches are installed.

View all articles→

Blog

It's not a box, it's a bucket

A conversation with Pietro Segreto about publishing, knowledge and AI — gatekeepers, the statistical shadow, the glass box of 1423, and the bucket each generation fills.

1 day ago

Blog

AI won't learn the golf swing for you

Guðmundur Smári Gunnarsson and I start with golf and end in a larger conversation about the body, rhythm and AI as a training partner. Skill is built in the body.

13 days ago

Blog

From recording to release — how AI works with me on the podcast

How AI fits into making Temjum tæknina — from recording to release — with Dr. Sigrún Stefánsdóttir. The conversation is the raw material; the machine works from it, never instead of it.

20 days ago

React2Shell and Updating My Personal Website

Magnús Smári Smárason·December 9, 2025

React2Shell Next.js Security Vulnerability Website Update

React2Shell vulnerability highlights the need for vigilance. Here's how I updated my Next.js site to stay secure.

React2Shell and Security Update for smarason.is

What is React2Shell?

Update on smarason.is

My website, smarason.is, runs on Next.js and has already been updated to address this threat.

The Importance of Updates

Regular software updates are key to website security. I encourage all site administrators to review their websites and ensure that the latest security patches are installed.

View all articles→

Blog

It's not a box, it's a bucket

A conversation with Pietro Segreto about publishing, knowledge and AI — gatekeepers, the statistical shadow, the glass box of 1423, and the bucket each generation fills.

1 day ago

Blog

AI won't learn the golf swing for you

Guðmundur Smári Gunnarsson and I start with golf and end in a larger conversation about the body, rhythm and AI as a training partner. Skill is built in the body.

13 days ago

Blog

From recording to release — how AI works with me on the podcast

How AI fits into making Temjum tæknina — from recording to release — with Dr. Sigrún Stefánsdóttir. The conversation is the raw material; the machine works from it, never instead of it.

20 days ago

React2Shell and Updating My Personal Website

React2Shell and Security Update for smarason.is

Related Articles

It's not a box, it's a bucket

AI won't learn the golf swing for you

From recording to release — how AI works with me on the podcast

React2Shell and Updating My Personal Website

React2Shell and Security Update for smarason.is

Related Articles

It's not a box, it's a bucket

AI won't learn the golf swing for you

From recording to release — how AI works with me on the podcast