CVE-2025-55184 | Meta react-server-dom-webpack up to 19.0.1/19.1.2/19.2.1 React Server deserialization

Inserito da Angelo Barbosa | Dic 12, 2025 | CVE

A vulnerability classified as problematic has been found in Meta react-server-dom-webpack, react-server-dom-turbopack and react-server-dom-parcel up to 19.0.1/19.1.2/19.2.1. Affected by this issue is some unknown functionality of the component React Server Component. Performing manipulation results in deserialization.

This vulnerability is known as CVE-2025-55184. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-55184 | Meta react-server-dom-webpack up to 19.0.1/19.1.2/19.2.1 React Server deserialization

Post correlati

CVE-2024-8836 | PDF-XChange Editor TIF File Parser out-of-bounds (ZDI-24-1259)

CVE-2024-33525 | ILIAS up to 7.30/8.10/9.0 XML File Upload cross site scripting

CVE-2024-4797 | Campcodes Online Laundry Management System 1.0 /ajax.php name/customer_name/username cross site scripting

CVE-2024-8496 | Ivanti Workspace Control up to 10.6.30.0 default permission