ThreatCluster

Vulnerabilities Found in React Server Components Affecting Multiple Versions

First seen 12 Dec 2025, 16:53 UTC Nvd.Nist 89% similarity 45

Article Content

Browse articles
ThreatCluster

Two vulnerabilities have been identified in React Server Components versions 19.0.0 to 19.2.1. CVE-2025-55184 is a pre-authentication denial of service vulnerability, while CVE-2025-55183 is an information leak vulnerability that can expose source code through crafted HTTP requests. The affected packages include react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack.

ThreatCluster AI

Community

Browse all →