Discussion

Jacob Alcock

Building software and finding the holes in it.

Dec 3, 2025

Critical Vulnerability in React Server Components (CVE-2025-55182)

UPDATE: December 3, 2025 - A critical pre-authentication Remote Code Execution (RCE) vulnerability has been disclosed in React Server Components. This is a CVSS 10.0 vulnerability. If you're running Next.js 15.x, 16.x, or React 19.x in production, st...

blog.jacobalcock.co.uk7 min read

#reactjs #security #nextjs #cve

Responses

No responses yet.

Search Hashnode

Critical Vulnerability in React Server Components (CVE-2025-55182)

Responses

Recent in Forum