Security update (CVE-2025-55182) - December 22, 2025

A critical security vulnerability (CVE-2025-55182) has recently been disclosed in React 19 and related frameworks, including Next.js.

What could be the impact?

This vulnerability could allow an unauthenticated attacker to execute code on affected servers, posing a serious risk to system integrity and data security. It has already been actively exploited worldwide, with incidents reported by companies such as Cloudflare.

Current status

We have reviewed our products and confirmed that none are affected by this vulnerability.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request