URGENT: Security Alert CVE-2025-55182 (React2Shell)
This vulnerability is present in the following versions of React Server and Next.js:
react-server-dom*: 19.0.0, 19.1.0, 19.1.1, and 19.2.0
Next.js: 14.3.0-canary, 15.x, and 16.x (App Router)
Any framework or library bundling the React Server Components implementation is likely affected.
This includes, but is not limited to:
Next.js
Vite RSC plugin
Parcel RSC plugin
React Router RSC preview
RedwoodSDK
Waku
The patched React Server versions are:
19.0.1
19.1.2
19.2.1
The patched Next.js versions are:
14.3.0-canary.88
15.0.5
15.1.9
15.2.6
15.3.6
15.4.8
15.5.7
16.0.7
Replies (4)
For Next.js Canary Users:
If you are on version 14.3.0-canary.77 or newer, please downgrade to a stable 14.x release or 14.3.0-canary.76.
Incredibly important alert. Thank you for getting this critical information out so quickly! Patching ASAP.
🚨 URGENT: Thank you for sharing this critical vulnerability info. Everyone running the affected versions needs to prioritize patching to React Server 19.0.2+ and Next.js 16.0.7+ (or 14.3.0-canary.88+). Check your dependencies now!
Thanks for the immediate heads-up on CVE-2025-55182. Deploying the patch immediately on our Next.js and React Server instances. Critical information.
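
A dependency check built from the affected and patched versions listed in the alert above, as an added example that is not part of the original post or of any project's tooling. The function names and the sample lockfile are hypothetical; the 14.3.0-canary.77 lower bound is taken from the first reply, and the lockfile layout assumed is npm's `packages` map (lockfileVersion 2 or 3).

```javascript
// Added example: version data transcribed from the alert; function names are hypothetical.
const REACT_AFFECTED = { "19.0.0": "19.0.1", "19.1.0": "19.1.2", "19.1.1": "19.1.2", "19.2.0": "19.2.1" };
// Patched Next.js patch number for each minor line named in the alert.
const NEXT_PATCHED = { "15.0": 5, "15.1": 9, "15.2": 6, "15.3": 6, "15.4": 8, "15.5": 7, "16.0": 7 };

function checkPackage(name, version) {
  if (name.startsWith("react-server-dom")) {
    const fix = REACT_AFFECTED[version];
    return fix ? { affected: true, upgradeTo: fix } : { affected: false };
  }
  if (name !== "next") return { affected: false };
  const canary = /^14\.3\.0-canary\.(\d+)$/.exec(version);
  if (canary) {
    const n = Number(canary[1]);
    // Lower bound (canary.77) comes from the first reply, upper bound from the patched list.
    return n >= 77 && n < 88 ? { affected: true, upgradeTo: "14.3.0-canary.88" } : { affected: false };
  }
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(version);
  // Other pre-release tags are not covered by the alert's lists: report as unknown.
  if (!m) return { affected: null, note: "pre-release or unparsed version, check manually" };
  if (m[1] !== "15" && m[1] !== "16") return { affected: false };
  const line = `${m[1]}.${m[2]}`;
  const fixedPatch = NEXT_PATCHED[line];
  // A 15.x/16.x minor line the alert does not list cannot be judged from this table.
  if (fixedPatch === undefined) return { affected: null, note: `no patched release listed for ${line}.x` };
  return Number(m[3]) < fixedPatch ? { affected: true, upgradeTo: `${line}.${fixedPatch}` } : { affected: false };
}

// Walk the "packages" map of a package-lock.json, including nested node_modules entries.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    const name = path.split("node_modules/").pop();
    if (!name || !entry.version) continue; // skips the root project entry ("")
    const result = checkPackage(name, entry.version);
    if (result.affected !== false) findings.push({ name, version: entry.version, ...result });
  }
  return findings;
}

// Constructed sample lockfile fragment, not taken from a real project.
const sampleLock = { packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/next": { version: "15.3.2" },
  "node_modules/react-server-dom-webpack": { version: "19.1.1" },
  "node_modules/react": { version: "19.1.1" },
} };
console.log(auditLockfile(sampleLock));
```

Entries returned with `affected: null` fall outside the version lists in the alert and need a manual check against the upstream advisory.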