Lucene search
+L
FacebookReact19.0.0

4 matches found

cve
cve
added 2025/12/03 3:40 p.m.1166 views

CVE-2025-55182

CVE-2025-55182 is a pre-auth remote code execution vulnerability in React Server Components (versions 19.0.0, 19.1.0, 19.1.1, 19.2.0) affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The issue arises from unsafe deserialization of payloads in HTTP reque...

10CVSS7.8AI score0.99562EPSS
In wild
cve
cve
added 2026/01/26 7:16 p.m.96 views

CVE-2026-23864

CVE-2026-23864 affects React Server Components packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The connected advisories describe a denial-of-service condition triggered by specially crafted HTTP requests to Server Function endpoints, potentially causin...

7.5CVSS6AI score0.02499EPSS
cve
cve
added 2025/12/11 8:5 p.m.60 views

CVE-2025-55184

CVE-2025-55184 is a pre-authentication Denial of Service vulnerability in React Server Components from versions 19.0.0 through 19.2.2 (affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack). The issue arises from unsafe deserialization of HTTP payloads sent t...

7.5CVSS6.6AI score0.65592EPSS
In wild
cve
cve
added 2025/12/11 8:4 p.m.30 views

CVE-2025-55183

CVE-2025-55183 is a source code disclosure vulnerability in React Server Components (RSC) Server Functions. A crafted HTTP request to a vulnerable Server Function may cause the server to return the full source code of that function when the argument is stringified. Affected are RSC versions 19.0....

5.3CVSS6.4AI score0.62405EPSS