software

Critical Security Vulnerability in React Server Components

Published: (December 2, 2025 at 07:00 PM EST)
1 min read
Source: React Blog

Source: React Blog

Security Advisory

  • Issue: Unauthenticated remote code execution vulnerability in React Server Components.
  • Affected versions: All versions prior to the patches listed below.
  • Fix: Published in React versions 19.0.1, 19.1.2, and 19.2.1.
  • Recommendation: Upgrade immediately.
Back to Blog

Related posts

Read more »

NextJS Security Vulnerability

Article URL: https://nextjs.org/blog/CVE-2025-66478 Comments URL: https://news.ycombinator.com/item?id=46146266 Points: 13 Comments: 1...

RCE Vulnerability in React and Next.js

Article URL: https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp Comments URL: https://news.ycombinator.com/item?id=46136026 Points: 26 Co...