The React2Shell Story
mufeedvh
107 points
5 comments
May 08, 2026
Related Discussions
Found 5 related stories in 97.7ms across 8,303 title embeddings via pgvector HNSW
- Building a Shell ingve · 156 pts · March 17, 2026 · 60% similar
- Show HN: A modern React onboarding tour library bilater · 11 pts · March 10, 2026 · 54% similar
- ReactOS DeathArrow · 72 pts · May 13, 2026 · 49% similar
- TanStack Start Now Support React Server Components polywock · 84 pts · April 14, 2026 · 49% similar
- Schemesh – Unix shell and Lisp REPL, now with structured pipelines cosmos0072 · 26 pts · March 16, 2026 · 48% similar
Discussion Highlights (5 comments)
keyle
Nice read! I love the "we are so back" vs. "it's so over" graph. Defines so much of this type of work. "Wow? ... nah... WOW?! ... nah..."
Rauchg
R2S was a painful one, but Lachlan was a dream of a security researcher to partner with. Not just from a responsible disclosure POV, but things like hopping on multiple calls with Meta and our team to help us validate remediations. Thank you Lachlan for helping make the internet safer (and great job on figuring out this 'labyrinth' of a vulnerability)
simonreiff
What a great write-up. Thanks for sharing how you found this fascinating vulnerability and exploit.
sam1r
>> Amazingly, despite being a weekend, the Meta team triaged, reproduced, and confirmed my submission in around 17 hours. Incredible. Realize what you have done from start to finish (with confirmation) in < 24 hours.
phyzome
Haha, nice. One correction: The link in "To be honest, I'm not even sure if I understand it, but it's on my GitHub." goes to the wrong file (01 instead of 00).