AI description
CVE-2025-55183 is an information disclosure vulnerability found in React Server Components. It affects specific configurations of React Server Components versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1, including the packages react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerability allows attackers to extract the compiled source code of Server Actions through specially crafted HTTP requests. By sending a crafted HTTP request to a vulnerable Server Function, an attacker can potentially retrieve the source code of any Server Function if it explicitly or implicitly exposes a stringified argument. Exploitation requires the existence of a Server Function that exposes a stringified argument.
- Description
- An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. A specifically crafted HTTP request sent to a vulnerable Server Function may unsafely return the source code of any Server Function. Exploitation requires the existence of a Server Function which explicitly or implicitly exposes a stringified argument.
- Source
- cve-assign@fb.com
- NVD status
- Analyzed
- Products
- react, next.js
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
🚨 Weaponized & Active The React vulnerabilities we warned about? They are now fueling a large-scale espionage campaign. CVE-2025-55184 (High) CVE-2025-55183 (Medium) Don't let your assets become part of their intel. 3.1M+ Targets identified by ZoomEye. 👇 Hunt for expos
@zoomeye_team
24 Dec 2025
4324 Impressions
17 Retweets
61 Likes
26 Bookmarks
0 Replies
0 Quotes
🚨 Next.js [—] Dec 22, 2025 Comprehensive Security Advisory on Recent Next.js Vulnerabilities (CVE-2025-55184, CVE-2025-55183, CVE-2025-67779) and Mitigation Strategies Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/c6A6vTB3Ak
@transilienceai
22 Dec 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55183: React Server Components Leak Internal Server Logic Through Unsafe Serialization https://t.co/dhLhI3QJuu #CybersecurityNews #CyberSecurityAwareness #cybersecurity
@WeAreCyberP1
19 Dec 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨React Security Alert 🚨 Two critical CVEs impacting React Server Components: 🔴 CVE-2025-55184 🟠 CVE-2025-55183 If you run React / Next.js in prod, this matters. Full analysis 👇 🔗 https://t.co/M3qqD5QffB #React #NextJS #CyberSecurity #DevSecOps #WebSecurity #I
@HowTo1833326
19 Dec 2025
12 Impressions
1 Retweet
2 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 React Security Alert 🚨 Two critical CVEs Impacting React Server Components: 🔴 CVE-2025-55184 🟠 CVE-2025-55183 If you run React / Next.js in prod, this matters. Full analysis 👇 🔗 https://t.co/crVnY9xaja #React #NextJS #CyberSecurity #DevSecOps #WebSecurit
@Phill_CTH
19 Dec 2025
79 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 React Security Alert 🚨 Two critical CVEs impacting React Server Components: 🔴 CVE-2025-55184 🟠 CVE-2025-55183 If you run React / Next.js in prod, this matters. Full analysis 👇 🔗 https://t.co/crVnY9xaja #React #NextJS #CyberSecurity #DevSecOps #WebSecurity #
@Phill_CTH
19 Dec 2025
74 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 React Security Alert 🚨 Two Critical CVEs impacting React Server Components: 🔴 CVE-2025-55184 🟠 CVE-2025-55183 If you run React / Next.js in prod, this matters. Full analysis 👇 🔗 https://t.co/crVnY9xaja #React #NextJS #CyberSecurity #DevSecOps #WebSecurity #
@Phill_CTH
19 Dec 2025
74 Impressions
1 Retweet
2 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨React Security Alert 🚨 Two critical CVEs impacting React Server Components: 🔴 CVE-2025-55184 🟠 CVE-2025-55183 If you run React / Next.js in prod, this matters. Full analysis 👇 🔗 https://t.co/crVnY9xaja #React #NextJS #CyberSecurity #DevSecOps #WebSecurity #I
@Phill_CTH
19 Dec 2025
77 Impressions
2 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
Reactで新たな脆弱性 (CVE-2025-55184 / CVE-2025-67779/CVE-2025-55183) 「React2Shell(CVE-2025-55182)」とは別個の脆弱性 であり、改めてパッチ適用が必要 です。 https://t.co/c28h7dLKXa #セキュリティ対策Lab #セキュリティ #Security #
@securityLab_jp
16 Dec 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update on React2Shell guidance. After fixes for CVE-2025-55182, additional vulnerabilities were identified in React Server Components (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779). These are not RCE issues, but the original patches do not fully address them and a follow-on
@Averlon_ai
15 Dec 2025
83 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
#Threat_Research 1⃣. DoS and Source Code Exposure in React Server Components - https://t.co/o3SApLEhEv // After last week's critical patch, three more, but less critical, vulnerabilities were identified in React Server Components (CVE-2025-55184, CVE-2025-67779, CVE-2025-55183
@ksg93rd
15 Dec 2025
223 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Ugh — spent half my day wrestling with yet another set of dependency CVEs in React Server Components. When will this stop? Quick reality check: ❗Multiple repos flagged ❗Vulnerabilities: CVE-2025-55183 / CVE-2025-55184 (React Server Components / related) https://t.co/GvJH8Tb
@becodewala
15 Dec 2025
151 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
80% of my repos just lit up red from React RSC CVEs (CVE-2025-55183/55184) 😩 One “small” dependency, infinite blast radius https://t.co/Xzq6mJ8xJR
@essjaykay755
15 Dec 2025
116 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🍎Appleがゼロデイ2件を修正、「極めて巧妙な攻撃」で悪用された恐れ:CVE-2025-43529、CVE-2025-14174 🚨Reactの新たな脆弱性によりDoSやソースコードの漏洩が可能になる恐れ(CVE-2025-55184、CVE-2025-67779、CVE-2025-55183)
@MachinaRecord
15 Dec 2025
333 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
修复一个,还免费送一个 ??? CVE-2025-55184, CVE-2025-55183 https://t.co/Cwg5u2YLTr
@Immerse_code
14 Dec 2025
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New React Server Components vulns dropped last week (Dec 11): Researchers found DoS (CVE-2025-55184 & CVE-2025-67779) + source code exposure (CVE-2025-55183) while poking at React2Shell patches. Separate from the RCE—those fixes still hold.
@anilvermaspeaks
14 Dec 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Urgent WAF update! 🚨 We've released emergency rules to protect against server-function exposure (CVE-2025-55183) & resource exhaustion (CVE-2025-55184). Enhanced security for your apps! 🛡️ https://t.co/ikyIQ9QaLX
@mveracf
13 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Urgent WAF update! 🚨 New rules now protect against server-function exposure (CVE-2025-55183) & React Function DoS attacks (CVE-2025-55184). Enhanced security & app availability! 🛡️ https://t.co/o78blYpjnl
@CFchangelog
13 Dec 2025
1080 Impressions
6 Retweets
29 Likes
2 Bookmarks
0 Replies
0 Quotes
🔴 React Server Components: 3 New CVEs Surface After React2Shell React2Shell (CVE-2025-55182 + CVE-2025-66478) spawned three more RSC vulnerabilities within days. CVE-2025-55183 leaks server-side source code including secrets when attackers coerce Server Functions to return
@the_c_protocol
13 Dec 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Another one React Server Components Denial of Service - High Severity: CVE-2025-55184 and CVE-2025-67779 (CVSS 7.5) Source Code Exposure - Medium Severity: CVE-2025-55183 (CVSS 5.3) https://t.co/GbSdu7ZDYe #REACT #Exploit #Security https://t.co/30xwa9eCkz
@ZoltanSEC
13 Dec 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two new vulnerabilities disclosed: High-Severity DoS (CVE-2025-55184/67779) Medium-Severity Source Code Exposure (CVE-2025-55183) https://t.co/b1s5C96F3p
@AryaAmour08
13 Dec 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A little morning research. New React/Next.js CVE-2025-55183 Source code leakage PoC Bypasses Cloudflare! #infosec #bugbounty #bugbountytips https://t.co/h0uiWPJVXc
@viehgroup
13 Dec 2025
3054 Impressions
2 Retweets
45 Likes
21 Bookmarks
3 Replies
0 Quotes
we use nextjs for the internal tool at my work (i am the only person working on it). opened a pr 30 minutes after CVE-2025-55183/4 got patched. pr is still open. will remain open until I ask ~100 times to merge it. is it really that hard to press the fucking button?
@baga18650
12 Dec 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
بعد أسبوع بس من طلبهم الأول بتحديث المكتبات الضعيفة، فريق React رجع يطلب نفس الشيء مرة ثانية. هالمرة الباحثين اكتشفوا ثغرتين ممكن يكونوا مزعجات. CVE-2025-55184 و CV
@altmemy199
12 Dec 2025
1297 Impressions
0 Retweets
14 Likes
3 Bookmarks
0 Replies
0 Quotes
React security was mostly about preventing XSS. With RSC, the attack surface has shifted. CVE-2025-55183 proves improper Server Action validation can leak backend logic. The client-server boundary is thinner than you think.
@abieyuwaimina
12 Dec 2025
123 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55183 nuclei template https://t.co/Z2kdxBTBWi #CVE #nuclei #REACT https://t.co/9ZdG07uxFf
@sirifu4k1
12 Dec 2025
797 Impressions
4 Retweets
9 Likes
6 Bookmarks
1 Reply
0 Quotes
‼️ Next.js Security Update: December 11, 2025 Two new React Server Components bugs affect Next.js App Router apps: a DoS infinite-loop hang (CVE-2025-55183, CVE-2025-55184) and Server Function source-code exposure (CVE-2025-55183) #code https://t.co/iOUVVrGSRL
@onix_react
12 Dec 2025
63 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
NEW React/Next.JS VULNERABILITIES JUST DROPPED 🔪 CVE-2025-55183 and CVE-2025-55184 React dropping new bangers every week 🗿 https://t.co/P4J0dW3zYc
@visharadup
12 Dec 2025
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【続報・緊急】React Server Componentsに追加の脆弱性(CVE-2025-55184 / CVE-2025-55183)。前回パッチも不完全、再度アップデート必須【Next.js / Bun対応】 https://t.co/2wrFz1La0j #Qiitaアドカレ #Qiita @PythonHaruより
@yousukezan
12 Dec 2025
10376 Impressions
35 Retweets
124 Likes
68 Bookmarks
0 Replies
2 Quotes
🚨 Two new React Server Components (Next.js App Router) vulnerabilities disclosed: • CVE-2025-55184 (High) – DoS via malicious RSC payload → server hangs & CPU spike • CVE-2025-55183 (Medium) – Leak compiled Server Actions source code (business logic exposure)
@cletuskingdom
12 Dec 2025
179 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 URGENT: The React2Shell fix wasn't enough! New critical React Server Components vulnerabilities just dropped (CVE-2025-55184 DoS + CVE-2025-55183 source code leak) after researchers dug deeper into the original patches. These are separate from last week's RCE (still https:
@ronibhakta1
12 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-55183 PoC — React Server Functions source code leak Find actionId in JS chunks: // DevTools regex: "([a-f0-9]{40,42})" Send malformed RSC payload: ["$F1"] {"id":"<action-id>"} Server returns server-side code. #bugbountytips #infosec #websecurity #bugbounty ht
@themastersunil
12 Dec 2025
25 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨React Server Component has discovered more CVEs : - CVE-2025-55184 (DoS) - CVE-2025-67779 (DoS) - CVE-2025-55183 (Source code disclosure) Versions affected : 19.0.0, 19.0.1, 19.0.2, 19.1.0, 19.1.1, 19.1.2, 19.1.2, 19.2.0, 19.2.1 and 19.2.2 of: - react-server-dom-webpack -
@ValkyriSecurity
12 Dec 2025
363 Impressions
1 Retweet
6 Likes
0 Bookmarks
0 Replies
0 Quotes
[New] React just found more bugs hiding in its last big patch. 🧩 CVE-2025-55184 & CVE-2025-67779 — can crash servers with one request. 🧩 CVE-2025-55183 — can leak source code from React Server Components. 👀 All discovered while testing the earlier CVE-2025-5518
@TheHackersNews
12 Dec 2025
10589 Impressions
31 Retweets
112 Likes
24 Bookmarks
2 Replies
2 Quotes
React/Next.js CVE-2025-55183 Source code leakage PoC | Bypasses Cloudflare! https://t.co/8RaxL1MWpB
@termireum
12 Dec 2025
9212 Impressions
30 Retweets
169 Likes
105 Bookmarks
3 Replies
0 Quotes
i keep getting email every day from talha tariq for "CVE-2025-55184 and CVE-2025-55183 in the React Server Components (RSC) implementation, affecting frameworks such as Next.js. Update application with latest patch." what vibe coding does to you
@archiexzzz
12 Dec 2025
22161 Impressions
8 Retweets
381 Likes
31 Bookmarks
18 Replies
4 Quotes
A little morning research. New React/Next.js CVE-2025-55183 Source code leakage PoC Bypasses Cloudflare! @FearsOff #react #bypass #cloudflare https://t.co/4Yl4yRUg07
@k_firsov
12 Dec 2025
33218 Impressions
64 Retweets
411 Likes
246 Bookmarks
13 Replies
2 Quotes
"CVE-2025-55183 (Medium Severity – Source Code Exposure): A malicious HTTP request sent to any App Router endpoint can return the compiled source code of Server Actions. This could reveal business logic, but would not expose secrets unless they were hardcoded directly SRV ac
@marmureanuweb
12 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 React Server Components [—] Dec 12, 2025 Comprehensive security advisory focusing on multiple recent critical vulnerabilities (including CVE-2025-55182, CVE-2025-55184, CVE-2025-55183, CVE-2025-67779) affecting React Server Components and related frameworks. Detailed... ht
@transilienceai
12 Dec 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Again? In less than a week we have TWO more vulnerabilities targeting React. CVE-2025-55183 - information leak vulnerability CVE-2025-55184 - A pre-authentication denial of service vulnerability Upgrade your apps again.... https://t.co/35GNIUuXN9
@itsdevdaniel
12 Dec 2025
482 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
Woke up to more React Server Component (RSC) security news! 🚨 It's a rough morning for developers. Two new vulnerabilities disclosed: High-Severity DoS (CVE-2025-55184/67779) Medium-Severity Source Code Exposure (CVE-2025-55183) PATCH IMMEDIATELY😮💨 https://t.co/MmBp
@AryaAmour08
12 Dec 2025
250 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: React drops new security patches for CVE-2025-55183 & CVE-2025-67779 Two new vulnerabilities discovered: ✅ DoS (CVSS 7.5) - can crash your servers ✅ Source code exposure (CVSS 5.3) - leaks business logic Read Details - https://t.co/lK2IxGUuBw #React2shel
@cyberkendra
12 Dec 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New React RSC vulnerabilities just dropped! CVE-2025-55184 and CVE-2025-55183, detailed in the latest Next.js & React security bulletins. Initial patches in React 19.0.1/19.1.2/19.2.1 turned out incomplete, leading to a new DoS vuln CVE-2025-67779 https://t.co/xD9Th3fRHk
@sunggatalimbet
12 Dec 2025
370 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 React has disclosed two new, additional vulnerabilities to the critical RCE vuln of last week - CVE-2025-55183 and CVE-2025-55184. Patches are available and urged to be applied immediately. Track live attacks against React honeypots 👉https://t.co/GXFaqggV8a https://t.co
@DefusedCyber
11 Dec 2025
5241 Impressions
19 Retweets
77 Likes
20 Bookmarks
0 Replies
1 Quote
Fun react bug, (CVE-2025-55183) if you have a server side component and it explicitly or implicitly exposes a stringified argument you can get the source code for that function. Also found DoS, but reported it to vercel instead of meta and some else reported the next day 🙃 htt
@AndrewMohawk
11 Dec 2025
2673 Impressions
10 Retweets
39 Likes
10 Bookmarks
4 Replies
0 Quotes
Two new React Server Component vulnerabilities were just disclosed: 🔹 CVE-2025-55183: Info disclosure via coerced server function args 🔹 CVE-2025-55184: DoS via infinite promise recursion We've deployed Adaptive Security Engine Rapid Rules. Learn more: https://t.co/FhZApc5
@akamai_research
11 Dec 2025
5628 Impressions
2 Retweets
8 Likes
0 Bookmarks
0 Replies
2 Quotes
Cloudflare has released new emergency WAF rules addressing the following CVE to enhance customer protection. * React - Leaking Server Functions (CVE-2025-55183) * React - DoS (CVE-2025-55184) https://t.co/SdCU2jeMiQ
@Cloudforce_One
11 Dec 2025
1594 Impressions
5 Retweets
21 Likes
3 Bookmarks
2 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B63E074-FEA2-495B-98C6-9D74E343A1C0",
"versionEndExcluding": "19.0.2",
"versionStartIncluding": "19.0.0"
},
{
"criteria": "cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C133EED-6729-453F-B832-3E5A7EC22E92",
"versionEndExcluding": "19.1.3",
"versionStartIncluding": "19.1.0"
},
{
"criteria": "cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE6F153C-825C-41B6-BE6F-2552A26307E0",
"versionEndExcluding": "19.2.2",
"versionStartIncluding": "19.2.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7F89ACED-432F-4789-A368-96D4E28DEE34",
"versionEndExcluding": "15.0.7",
"versionStartIncluding": "15.0.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "99287D38-84D1-470A-96EF-B1D851552139",
"versionEndExcluding": "15.1.11",
"versionStartIncluding": "15.1.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "4E4E7989-19E3-44C5-B292-54C73FF3F356",
"versionEndExcluding": "15.2.8",
"versionStartIncluding": "15.2.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "78D397D2-B678-4463-85AB-8887554166C9",
"versionEndExcluding": "15.3.8",
"versionStartIncluding": "15.3.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "137455D1-FCE0-4A58-A479-E7CA39EA969D",
"versionEndExcluding": "15.4.10",
"versionStartIncluding": "15.4.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7EFB67E0-24A1-4013-A654-C3EEAA2702DD",
"versionEndExcluding": "15.5.9",
"versionStartIncluding": "15.5.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "009539CB-1F6D-446A-B581-1ABC70B10154",
"versionEndExcluding": "16.0.10",
"versionStartIncluding": "16.0.0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:-:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "3ED7F693-8012-4F88-BC71-CF108E20664A"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary0:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "40EE98AC-754A-4FD9-B51A-9E2674584FD9"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary1:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "13B41C54-AF21-4637-A852-F997635B4E83"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary10:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "91B41697-2D70-488D-A5C3-CB9D435560CA"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary11:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7D43DB84-7BCF-429B-849A-7189EC1922D0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary12:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "CEC2346B-8DBD-4D53-9866-CFBDD3AACEF2"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary13:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "2BC95097-8CA6-42FE-98D7-F968E37C11B7"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary14:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "4F8FA85C-1200-4FD2-B5D7-906300748BD4"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary15:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "5D0B177B-2A31-48E9-81C7-1024E2452486"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary16:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7CCA01F3-3A14-4450-8A68-B1DA22C685B7"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary17:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "1AB351AE-8C29-4E67-8699-0AAC6B3383E2"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary18:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "14A34D9D-5FA2-434B-836E-3CE63D716CCB"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary19:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "E8440F05-F32B-4D40-90B7-04BF22107D86"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary2:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "FB6C6F6D-1EC0-4BD9-97A4-CFDE70DF0C43"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary20:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "6189BD4C-A3E2-451B-96B2-FF01250E946D"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary21:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "389EE453-8B07-45DD-BE9C-277C9C5CB156"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary22:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "BA4D4638-4734-4B16-87AA-EF4B5D2DDD7A"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary23:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "D54A2E63-6E0C-4E17-86A8-459B0A7EE00B"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary24:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "E6136F0A-3010-4BAD-811B-D047CF5E6F64"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary25:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "525EFA40-B14B-47E9-8FBD-45721A802DB6"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary26:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "69142944-1EC0-4F94-862E-FA7F2E101101"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary27:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "30016C06-372D-4F98-84A8-0732CA054970"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary28:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "E1536E2B-84EC-46A3-9B6F-026364A9D927"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary29:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "5E6F1F60-30E2-407C-8152-EEEB7EFE24CB"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary3:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "3C907301-2C8F-465B-8134-94130E29F5DB"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary30:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "E81C89FD-40CB-471E-9967-90ACDCF79373"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary31:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "55E8AEEC-A686-49D6-B298-AEE4E838E769"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary32:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "CB0618EC-6A0B-4AC3-BF6D-E51AC84C4E15"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary33:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7B27F133-8EB4-4761-A706-DF42D4EB55F6"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary34:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "BF975472-B7E7-4AC8-B834-DA19897A4894"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary35:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "48A82613-F3FD-4E89-8E4A-F3F05A616171"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary36:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "0D42CA1F-7C21-47C1-8A9C-1015286FCBE2"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary37:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7C83A4EF-B96F-40EC-BA1F-FE1370AF78AC"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary38:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "C151FDAB-DE34-4A7E-9762-6E99386798BF"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary39:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "53025212-05F0-41FE-81F8-023B1784BB8C"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary4:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "68EAC2B9-32A5-4721-BB35-16D519CD1BBC"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary40:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7411EF71-CBEB-4127-935F-3C732A1E22AC"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary41:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "0C4B8930-1B65-4894-AFA8-C323AA7A8292"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary42:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "B4977345-BD8C-41C7-9DD7-1E41D6CC6438"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary43:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "EFE030A4-5B14-4C2D-B953-E80C98FB26EE"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary44:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "9F616FD4-83BF-4A9A-AFFD-0D3E2544DC7E"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary45:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "00512630-8B88-43B0-9ED3-2B33C64CC9A9"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary46:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "A88EEF11-C7DA-4E2D-A030-FC177E696557"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary47:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "BE8453D9-7275-4A5F-8732-F05662FFF2E8"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary48:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "E306B896-9BBB-424B-8D99-7A1A79AEFE9D"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary49:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "ACA87B86-33D5-4BEA-A13D-EEB4922D511E"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary5:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "77AA0D23-B101-445C-A260-ED3152A93D17"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary50:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7D7DCCF7-FC83-4767-A0C2-C84A8B14F93B"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary51:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "FD397568-7F1F-4153-AF08-B22D4D3B45F9"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary52:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "984416EF-B121-40CE-B3AD-E22A06BB5844"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary53:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "C4B58652-EE24-43CF-8ABE-4A01B2C9938C"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary54:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "8090CF73-AEA7-43FC-A960-321BED3B1682"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary55:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "823164E5-609D-4F24-86A5-E25618FE86A7"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary56:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "E13CD688-63C3-4FFA-9D13-696005F0C155"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary57:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "B397B18C-8A7A-4766-9A68-98B26E190A4A"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary58:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "15454C74-5F28-475D-830A-2AE603292301"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary59:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "A638BD4D-8CE5-421E-97C3-A56A4F057A50"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary6:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "2DB345E3-BAD0-497E-93AE-5E4DC669C192"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary7:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "840FEB19-2C66-4004-A488-B90219F8AC05"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary8:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "C260F966-73D7-43F3-A329-8C558A695821"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary9:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "28130A79-39B5-43E8-A690-C8E9C62483F8"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:-:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "09089CEC-B446-496E-940D-AD4FE4E440ED"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary0:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "22B740D5-0CF9-45D6-A12A-FE0567276481"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary1:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "256B837F-159D-449B-A748-5E4136E17D21"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary10:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "7091E48E-8CD5-41DB-835F-6A3DC82CC10E"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary11:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "F074BCE2-16CA-4628-9325-4C1865F71B05"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary12:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "EC66102A-F2C4-4069-A7D0-CA1E1961B048"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary13:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "D9AFF756-AD32-4B69-A3C2-CD77BEEDC30D"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary14:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "550CC768-2BFF-41D2-B2A9-6332782FAE8B"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary15:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "65B15DCD-A2F3-445A-85FC-1B35F176FAA1"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary16:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "6923D356-EF15-4747-877B-74F6B5CFC297"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary17:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "2B1A9FB9-9501-4F29-9535-D21387A668DE"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary18:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "DA2A5F90-BEC1-4588-BFD6-4D095EAB40A2"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary2:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "061F871B-F0F9-4166-8D97-3A9F6D234AD0"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary3:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "2F375E07-2ACB-4FF1-86C7-D499EEA9BD20"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary4:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "4540A878-F057-4371-97C8-B286921E7F5D"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary5:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "F7A5ED68-0BB9-4699-B0F5-C425DC92F8A9"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary6:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "76CD81F2-69D3-47F0-988E-235A16870511"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary7:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "74EE714B-8E4F-47A0-9C9C-C3A93810ABB3"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary8:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "1C2E002A-D038-492A-8B83-F5EF658B56ED"
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary9:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "F369DF32-1EF0-4342-BFEF-CFC0F485D8B6"
}
],
"operator": "OR"
}
]
}
]