Peter
@peterrobards.bsky.social
IT Professional. Entertainer. Filmmaker. Writer.
Reposted by Peter
Even if your app uses or connects to something that supports React Server Components! This one is nasty
CVE-2025-55182: Unauthenticated remote code execution vulnerability in React Server Components.
If your app supports React Server Components (if your app connects to a server, uses a framework, bundler, or bundler plugin that supports React Server Components) you need to upgrade immediately!
If your app supports React Server Components (if your app connects to a server, uses a framework, bundler, or bundler plugin that supports React Server Components) you need to upgrade immediately!
A perfect CVSS 10 🧑🏻🍳💋
CVE-2025-55182: Unauthenticated remote code execution vulnerability in React Server Components
The vuln is in versions 19.0, 19.1.0, 19.1.1, and 19.2.0:
react-server-dom-webpack
react-server-dom-parcel
react-server-dom-turbopack
Upgrade immediately!
CVE-2025-55182: Unauthenticated remote code execution vulnerability in React Server Components
The vuln is in versions 19.0, 19.1.0, 19.1.1, and 19.2.0:
react-server-dom-webpack
react-server-dom-parcel
react-server-dom-turbopack
Upgrade immediately!
December 3, 2025 at 9:01 PM
Even if your app uses or connects to something that supports React Server Components! This one is nasty