Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2026/04/10 3:35 p.m.16 views

Next.js has a Denial of Service with Server Components

A vulnerability affects certain React Server Components packages for versions 19.x and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x, and 16.x using the App Router. The issue is tracked upstream as CVE-2026-23869. You can read more about this advisory our this...

7.5CVSS5.8AI score0.01551EPSS
Exploits3References3Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/10 3:35 p.m.6 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=9.0.0-canary.1784), @cedarjs/cli (>=1.0.0-canary.12863 <=9.0.0-canary.1784) +12 more potentially affected by CVE-2026-23869 via react-server-dom-webpack (>=19.2.1 <=19.2.4)

react-server-dom-webpack NPM version =19.2.1, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =3.0.0-canary.13429, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7.3AI score0.01551EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/04/10 3:35 p.m.6 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +18 more potentially affected by CVE-2026-23869 via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5CVSS7.3AI score0.01551EPSS
Exploits3
F5 Networks
F5 Networks
added 2026/04/09 9:43 a.m.10 views

K000160686: React framework vulnerability CVE-2026-23869

Security Advisory Description A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. T...

7.5CVSS5.9AI score0.01551EPSS
Exploits3
Circl
Circl
added 2026/04/09 1:27 a.m.11 views

CVE-2026-23869

creationtimestamp| type| source ---|---|--- 2026-04-09 01:27:07+00:00| seen| Telegram/CihYo3BrEf6YGxiGwCEATnWAB3StjZgrXU02lSezsa6vAg 2026-04-09 07:05:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mj2amw5fac2r 2026-04-09 23:57:32+00:00| seen|...

7.5CVSS7.5AI score0.01551EPSS
Exploits3References10
vulnersOsv
vulnersOsv
added 2026/04/08 9:10 p.m.6 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=9.0.0-canary.1784), @cedarjs/cli (>=1.0.0-canary.12863 <=9.0.0-canary.1784) +12 more potentially affected by CVE-2026-23869 via react-server-dom-webpack (>=19.2.1 <=19.2.4)

react-server-dom-webpack NPM version =19.2.1, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =3.0.0-canary.13429, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7.3AI score0.01551EPSS
Exploits3
Rows per page
Query Builder