247 matches found
Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components
Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4 Patches Upgrade immediately to @vitejs/[email protected] or...
GHSA-C6M7-Q6PR-C64R Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components
Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4 Patches Upgrade immediately to @vitejs/[email protected] or...
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
The React team has released fixes for two new types of flaws in React Server Components RSC that, if successfully exploited, could result in denial-of-service DoS or source code exposure. The team said the issues were found by the security community while attempting to exploit the patches release...
Node.js React Server Components Denial of Service and Source Code Exposure (CVE-2025-55183, CVE-2025-55184)
Multiple Node.js React Server Components packages are affected by denial of service and source code exposure vulnerabilities. The following Node.js packages and versions are affected: - react-server-dom-webpack 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, 19.2.1 - react-server-dom-parcel 19.0....
EUVD-2025-202924
Next Server Actions Source Code Exposure...
GHSA-W37M-7FHW-FMV9 Next Server Actions Source Code Exposure
A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as CVE-2025-55183. A malicious HTTP request can...
Source Code Exposure Vulnerability in React Server Components
Impact There is a source code exposure vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopa...
GHSA-925W-6V3X-G4J4 Source Code Exposure Vulnerability in React Server Components
Impact There is a source code exposure vulnerability in React Server Components. React recommends updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of: - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopa...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview react-server-dom-webpack is a React Server Components bindings for DOM using Webpack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an...
CVE-2025-55183
An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. A specifically...
github-release-monitor -- multiple vulnerabilities
https://nextjs.org/blog/security-update-2025-12-11 reports: Description Medium Source Code Exposure: CVE-2025-55183 A specifically crafted HTTP request can cause a Server Function to return the compiled source code of other Server Functions in your application. This could reveal business logic...
CVE-2025-36299
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system...
EUVD-2025-197981
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules...
CVE-2025-36299 IBM Planning Analytics Information Disclosure
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the system...
CVE-2025-36299
CVE-2025-36299 affects IBM Planning Analytics Local 2.1.0–2.1.14. The advisory states that these versions store sensitive information in source code, which could be leveraged in subsequent attacks against the system. The Fix/Remediation recommends upgrading to IBM Planning Analytics Local 2.1.15 ...
PT-2025-47205
Name of the Vulnerable Software and Affected Versions IBM Planning Analytics Local versions 2.1.0 through 2.1.14 Description IBM Planning Analytics Local versions 2.1.0 through 2.1.14 stores sensitive information within its source code. This could potentially be leveraged in subsequent attacks...
Security Bulletin: IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM includes a component with known vulnerabilities (CVE-2025-29927 & CVE-2025-48068)
Summary The product includes a vulnerable component e.g., framework library that may be identified and exploited with automated tools. IBM Security QRadar Network Threat Analytics app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-29927 DESCRIPTION:...
EUVD-2006-2310
Malware in sbrugna...
EUVD-2021-18934
Malware in sbrugna...
EUVD-2011-3465
Malware in sbrugna...