/
Published on 10.12.2025
TLDR: A critical 10.0 severity vulnerability, dubbed React2Shell (CVE-2025-55182), was discovered in React Server Components, allowing for unauthenticated remote code execution. The vulnerability affects several versions of React and frameworks like Next.js. Immediate upgrades are required.
Link: Critical Security Vulnerability in React Server Components
TLDR: TanStack has released TanStack AI, a new framework-agnostic AI SDK that offers a type-safe, composable, and platform-independent alternative to existing AI SDKs.
Link: TanStack's Open. AI. SDK.
TLDR: React Native 0.83 is out, bringing React 19.2, new DevTools features, and stable Web Performance and Intersection Observer APIs. This is also the first release with no user-facing breaking changes.
Link: React Native 0.83 - React 19.2, New DevTools features, no breaking changes