React Alert

CVE-2025-55182 affecting React server:

Active exploitation attempts on vulnerable servers have been detected within the national cyberspace. Additionally, malicious post-exploitation activities have been detected on affected servers such as extracting credentials and SSH keys, implanting backdoors and performing crypto mining activities.

The CERT team encourages users to apply the following actions:

• Rebuild the affected application, and reinstall all dependencies using the patched version
• Rotate all exposed secrets such as SSH keys, API tokens and database credentials from vulnerable server