2025-041: Critical Security Vulnerability in React Server Components
On December 3, 2025, the React Team publicly disclosed a critical security vulnerability affecting React Server Components (RSC) and related packages. The vulnerability allows for unauthenticated remote code execution (RCE) via maliciously crafted HTTP requests. It is recommended to update all affected component packages and any frameworks that integrate them.
CSIRTS triage
- What
- A critical vulnerability allows unauthenticated remote code execution via malicious HTTP requests.
- Who is affected
- Users of React Server Components and related packages are affected.
- Urgency
- Remediation is critical due to active exploitation of the vulnerability.
- Action
- Update all affected component packages and frameworks.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch React Server Components
Get an email when a new React Server Components advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://cert.europa.eu/publications/security-advisories/2025-041/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Exploitation likely imminentCVE-2025-55182EPSS puts this in the most-targeted tier (99.6% 30-day exploitation probability). Prioritize alongside KEV items. Riskier than 100% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2025-55182 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownexploitedCVE-2025-66478: RCE in React Server Componentsaws
- criticalexploitedCVE-2025-55182: Meta React Server Components Remote Code Execution Vulnerabilitycisa-kev
- unknownexploited[Update] Vulnerability in React Server Components (December 5, 2025)cert-fr-alerte
More from CERT-EU Security Advisories
- critical2026-008: Critical vulnerabilities in Ivanti Sentry2026-06-10
- critical2026-007: Critical Vulnerability in Windows Netlogon2026-06-10
- critical2026-006: Critical Vulnerability in PAN-OS2026-05-06
- high2026-005: High Vulnerability in the Linux Kernel ("Copy Fail")2026-04-30
- critical2026-004: Critical Vulnerability in SharePoint Exploited2026-03-25