Vulnerabilities Found in React Server Components Affecting Multiple Versions
First seen 12 Dec 2025, 16:53 UTC
•
•89% similarity
•45
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Two vulnerabilities have been identified in React Server Components versions 19.0.0 to 19.2.1. CVE-2025-55184 is a pre-authentication denial of service vulnerability, while CVE-2025-55183 is an information leak vulnerability that can expose source code through crafted HTTP requests. The affected packages include react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack.
ThreatCluster AI