- Description
- It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads from HTTP requests to Server Function endpoints. This can cause an infinite loop that hangs the server process and may prevent future HTTP requests from being served.
- Source
- cve-assign@fb.com
- NVD status
- Modified
- Products
- react, next.js
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
🚨 Next.js [—] Dec 22, 2025 Comprehensive Security Advisory on Recent Next.js Vulnerabilities (CVE-2025-55184, CVE-2025-55183, CVE-2025-67779) and Mitigation Strategies Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/c6A6vTB3Ak
@transilienceai
22 Dec 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Reactで新たな脆弱性 (CVE-2025-55184 / CVE-2025-67779/CVE-2025-55183) 「React2Shell(CVE-2025-55182)」とは別個の脆弱性 であり、改めてパッチ適用が必要 です。 https://t.co/c28h7dLKXa #セキュリティ対策Lab #セキュリティ #Security #
@securityLab_jp
16 Dec 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update on React2Shell guidance. After fixes for CVE-2025-55182, additional vulnerabilities were identified in React Server Components (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779). These are not RCE issues, but the original patches do not fully address them and a follow-on
@Averlon_ai
15 Dec 2025
83 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
#Threat_Research 1⃣. DoS and Source Code Exposure in React Server Components - https://t.co/o3SApLEhEv // After last week's critical patch, three more, but less critical, vulnerabilities were identified in React Server Components (CVE-2025-55184, CVE-2025-67779, CVE-2025-55183
@ksg93rd
15 Dec 2025
223 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
1. 리엑트 개발 외주를 맡음 2. Denial of Service 취약점이 발견됨 (CVE-2025-55184, CVE-2025-67779) 3. 결과물에 취약점을 사용하고 연락을 기다림 4. Profit https://t.co/CUg6H5qRND
@H2Owater425
15 Dec 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🍎Appleがゼロデイ2件を修正、「極めて巧妙な攻撃」で悪用された恐れ:CVE-2025-43529、CVE-2025-14174 🚨Reactの新たな脆弱性によりDoSやソースコードの漏洩が可能になる恐れ(CVE-2025-55184、CVE-2025-67779、CVE-2025-55183)
@MachinaRecord
15 Dec 2025
333 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New React Server Components vulns dropped last week (Dec 11): Researchers found DoS (CVE-2025-55184 & CVE-2025-67779) + source code exposure (CVE-2025-55183) while poking at React2Shell patches. Separate from the RCE—those fixes still hold.
@anilvermaspeaks
14 Dec 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Another one React Server Components Denial of Service - High Severity: CVE-2025-55184 and CVE-2025-67779 (CVSS 7.5) Source Code Exposure - Medium Severity: CVE-2025-55183 (CVSS 5.3) https://t.co/GbSdu7ZDYe #REACT #Exploit #Security https://t.co/30xwa9eCkz
@ZoltanSEC
13 Dec 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
React team warns of 3 new RSCs vulns: CVE-2025-55184 & CVE-2025-67779 cause infinite loops to crash servers. https://t.co/1vmVXWEOww https://t.co/kDBnmAd4ev
@MateusGalasso
13 Dec 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
بعد أسبوع بس من طلبهم الأول بتحديث المكتبات الضعيفة، فريق React رجع يطلب نفس الشيء مرة ثانية. هالمرة الباحثين اكتشفوا ثغرتين ممكن يكونوا مزعجات. CVE-2025-55184 و CV
@altmemy199
12 Dec 2025
1297 Impressions
0 Retweets
14 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-67779 It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. Reac… https://t.co/vWb89mOv8Q
@CVEnew
12 Dec 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨React Server Component has discovered more CVEs : - CVE-2025-55184 (DoS) - CVE-2025-67779 (DoS) - CVE-2025-55183 (Source code disclosure) Versions affected : 19.0.0, 19.0.1, 19.0.2, 19.1.0, 19.1.1, 19.1.2, 19.1.2, 19.2.0, 19.2.1 and 19.2.2 of: - react-server-dom-webpack -
@ValkyriSecurity
12 Dec 2025
363 Impressions
1 Retweet
6 Likes
0 Bookmarks
0 Replies
0 Quotes
[New] React just found more bugs hiding in its last big patch. 🧩 CVE-2025-55184 & CVE-2025-67779 — can crash servers with one request. 🧩 CVE-2025-55183 — can leak source code from React Server Components. 👀 All discovered while testing the earlier CVE-2025-5518
@TheHackersNews
12 Dec 2025
10589 Impressions
31 Retweets
112 Likes
24 Bookmarks
2 Replies
2 Quotes
🚨 React Server Components [—] Dec 12, 2025 Comprehensive security advisory focusing on multiple recent critical vulnerabilities (including CVE-2025-55182, CVE-2025-55184, CVE-2025-55183, CVE-2025-67779) affecting React Server Components and related frameworks. Detailed... ht
@transilienceai
12 Dec 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: React drops new security patches for CVE-2025-55183 & CVE-2025-67779 Two new vulnerabilities discovered: ✅ DoS (CVSS 7.5) - can crash your servers ✅ Source code exposure (CVSS 5.3) - leaks business logic Read Details - https://t.co/lK2IxGUuBw #React2shel
@cyberkendra
12 Dec 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New React RSC vulnerabilities just dropped! CVE-2025-55184 and CVE-2025-55183, detailed in the latest Next.js & React security bulletins. Initial patches in React 19.0.1/19.1.2/19.2.1 turned out incomplete, leading to a new DoS vuln CVE-2025-67779 https://t.co/xD9Th3fRHk
@sunggatalimbet
12 Dec 2025
370 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:facebook:react:19.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FD201828-1BBF-45C9-B769-8C277F2227FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:facebook:react:19.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23F46EFD-6DF1-400D-B707-6013722D63A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:facebook:react:19.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B38D46-3F8A-496D-9D1E-60BEAAFA8358",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "6E0DE913-817F-40D2-BC98-0D610CCDE02A",
"versionEndExcluding": "14.2.35",
"versionStartIncluding": "13.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "7F89ACED-432F-4789-A368-96D4E28DEE34",
"versionEndExcluding": "15.0.7",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "99287D38-84D1-470A-96EF-B1D851552139",
"versionEndExcluding": "15.1.11",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "4E4E7989-19E3-44C5-B292-54C73FF3F356",
"versionEndExcluding": "15.2.8",
"versionStartIncluding": "15.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "78D397D2-B678-4463-85AB-8887554166C9",
"versionEndExcluding": "15.3.8",
"versionStartIncluding": "15.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "137455D1-FCE0-4A58-A479-E7CA39EA969D",
"versionEndExcluding": "15.4.10",
"versionStartIncluding": "15.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "7EFB67E0-24A1-4013-A654-C3EEAA2702DD",
"versionEndExcluding": "15.5.9",
"versionStartIncluding": "15.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "009539CB-1F6D-446A-B581-1ABC70B10154",
"versionEndExcluding": "16.0.10",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:-:*:*:*:node.js:*:*",
"matchCriteriaId": "3ED7F693-8012-4F88-BC71-CF108E20664A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary0:*:*:*:node.js:*:*",
"matchCriteriaId": "40EE98AC-754A-4FD9-B51A-9E2674584FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary1:*:*:*:node.js:*:*",
"matchCriteriaId": "13B41C54-AF21-4637-A852-F997635B4E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary10:*:*:*:node.js:*:*",
"matchCriteriaId": "91B41697-2D70-488D-A5C3-CB9D435560CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary11:*:*:*:node.js:*:*",
"matchCriteriaId": "7D43DB84-7BCF-429B-849A-7189EC1922D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary12:*:*:*:node.js:*:*",
"matchCriteriaId": "CEC2346B-8DBD-4D53-9866-CFBDD3AACEF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary13:*:*:*:node.js:*:*",
"matchCriteriaId": "2BC95097-8CA6-42FE-98D7-F968E37C11B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary14:*:*:*:node.js:*:*",
"matchCriteriaId": "4F8FA85C-1200-4FD2-B5D7-906300748BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary15:*:*:*:node.js:*:*",
"matchCriteriaId": "5D0B177B-2A31-48E9-81C7-1024E2452486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary16:*:*:*:node.js:*:*",
"matchCriteriaId": "7CCA01F3-3A14-4450-8A68-B1DA22C685B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary17:*:*:*:node.js:*:*",
"matchCriteriaId": "1AB351AE-8C29-4E67-8699-0AAC6B3383E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary18:*:*:*:node.js:*:*",
"matchCriteriaId": "14A34D9D-5FA2-434B-836E-3CE63D716CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary19:*:*:*:node.js:*:*",
"matchCriteriaId": "E8440F05-F32B-4D40-90B7-04BF22107D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary2:*:*:*:node.js:*:*",
"matchCriteriaId": "FB6C6F6D-1EC0-4BD9-97A4-CFDE70DF0C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary20:*:*:*:node.js:*:*",
"matchCriteriaId": "6189BD4C-A3E2-451B-96B2-FF01250E946D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary21:*:*:*:node.js:*:*",
"matchCriteriaId": "389EE453-8B07-45DD-BE9C-277C9C5CB156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary22:*:*:*:node.js:*:*",
"matchCriteriaId": "BA4D4638-4734-4B16-87AA-EF4B5D2DDD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary23:*:*:*:node.js:*:*",
"matchCriteriaId": "D54A2E63-6E0C-4E17-86A8-459B0A7EE00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary24:*:*:*:node.js:*:*",
"matchCriteriaId": "E6136F0A-3010-4BAD-811B-D047CF5E6F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary25:*:*:*:node.js:*:*",
"matchCriteriaId": "525EFA40-B14B-47E9-8FBD-45721A802DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary26:*:*:*:node.js:*:*",
"matchCriteriaId": "69142944-1EC0-4F94-862E-FA7F2E101101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary27:*:*:*:node.js:*:*",
"matchCriteriaId": "30016C06-372D-4F98-84A8-0732CA054970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary28:*:*:*:node.js:*:*",
"matchCriteriaId": "E1536E2B-84EC-46A3-9B6F-026364A9D927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary29:*:*:*:node.js:*:*",
"matchCriteriaId": "5E6F1F60-30E2-407C-8152-EEEB7EFE24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary3:*:*:*:node.js:*:*",
"matchCriteriaId": "3C907301-2C8F-465B-8134-94130E29F5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary30:*:*:*:node.js:*:*",
"matchCriteriaId": "E81C89FD-40CB-471E-9967-90ACDCF79373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary31:*:*:*:node.js:*:*",
"matchCriteriaId": "55E8AEEC-A686-49D6-B298-AEE4E838E769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary32:*:*:*:node.js:*:*",
"matchCriteriaId": "CB0618EC-6A0B-4AC3-BF6D-E51AC84C4E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary33:*:*:*:node.js:*:*",
"matchCriteriaId": "7B27F133-8EB4-4761-A706-DF42D4EB55F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary34:*:*:*:node.js:*:*",
"matchCriteriaId": "BF975472-B7E7-4AC8-B834-DA19897A4894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary35:*:*:*:node.js:*:*",
"matchCriteriaId": "48A82613-F3FD-4E89-8E4A-F3F05A616171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary36:*:*:*:node.js:*:*",
"matchCriteriaId": "0D42CA1F-7C21-47C1-8A9C-1015286FCBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary37:*:*:*:node.js:*:*",
"matchCriteriaId": "7C83A4EF-B96F-40EC-BA1F-FE1370AF78AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary38:*:*:*:node.js:*:*",
"matchCriteriaId": "C151FDAB-DE34-4A7E-9762-6E99386798BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary39:*:*:*:node.js:*:*",
"matchCriteriaId": "53025212-05F0-41FE-81F8-023B1784BB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary4:*:*:*:node.js:*:*",
"matchCriteriaId": "68EAC2B9-32A5-4721-BB35-16D519CD1BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary40:*:*:*:node.js:*:*",
"matchCriteriaId": "7411EF71-CBEB-4127-935F-3C732A1E22AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary41:*:*:*:node.js:*:*",
"matchCriteriaId": "0C4B8930-1B65-4894-AFA8-C323AA7A8292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary42:*:*:*:node.js:*:*",
"matchCriteriaId": "B4977345-BD8C-41C7-9DD7-1E41D6CC6438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary43:*:*:*:node.js:*:*",
"matchCriteriaId": "EFE030A4-5B14-4C2D-B953-E80C98FB26EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary44:*:*:*:node.js:*:*",
"matchCriteriaId": "9F616FD4-83BF-4A9A-AFFD-0D3E2544DC7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary45:*:*:*:node.js:*:*",
"matchCriteriaId": "00512630-8B88-43B0-9ED3-2B33C64CC9A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary46:*:*:*:node.js:*:*",
"matchCriteriaId": "A88EEF11-C7DA-4E2D-A030-FC177E696557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary47:*:*:*:node.js:*:*",
"matchCriteriaId": "BE8453D9-7275-4A5F-8732-F05662FFF2E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary48:*:*:*:node.js:*:*",
"matchCriteriaId": "E306B896-9BBB-424B-8D99-7A1A79AEFE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary49:*:*:*:node.js:*:*",
"matchCriteriaId": "ACA87B86-33D5-4BEA-A13D-EEB4922D511E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary5:*:*:*:node.js:*:*",
"matchCriteriaId": "77AA0D23-B101-445C-A260-ED3152A93D17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary50:*:*:*:node.js:*:*",
"matchCriteriaId": "7D7DCCF7-FC83-4767-A0C2-C84A8B14F93B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary51:*:*:*:node.js:*:*",
"matchCriteriaId": "FD397568-7F1F-4153-AF08-B22D4D3B45F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary52:*:*:*:node.js:*:*",
"matchCriteriaId": "984416EF-B121-40CE-B3AD-E22A06BB5844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary53:*:*:*:node.js:*:*",
"matchCriteriaId": "C4B58652-EE24-43CF-8ABE-4A01B2C9938C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary54:*:*:*:node.js:*:*",
"matchCriteriaId": "8090CF73-AEA7-43FC-A960-321BED3B1682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary55:*:*:*:node.js:*:*",
"matchCriteriaId": "823164E5-609D-4F24-86A5-E25618FE86A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary56:*:*:*:node.js:*:*",
"matchCriteriaId": "E13CD688-63C3-4FFA-9D13-696005F0C155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary57:*:*:*:node.js:*:*",
"matchCriteriaId": "B397B18C-8A7A-4766-9A68-98B26E190A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary58:*:*:*:node.js:*:*",
"matchCriteriaId": "15454C74-5F28-475D-830A-2AE603292301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary59:*:*:*:node.js:*:*",
"matchCriteriaId": "A638BD4D-8CE5-421E-97C3-A56A4F057A50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary6:*:*:*:node.js:*:*",
"matchCriteriaId": "2DB345E3-BAD0-497E-93AE-5E4DC669C192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary7:*:*:*:node.js:*:*",
"matchCriteriaId": "840FEB19-2C66-4004-A488-B90219F8AC05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary8:*:*:*:node.js:*:*",
"matchCriteriaId": "C260F966-73D7-43F3-A329-8C558A695821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:15.6.0:canary9:*:*:*:node.js:*:*",
"matchCriteriaId": "28130A79-39B5-43E8-A690-C8E9C62483F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:-:*:*:*:node.js:*:*",
"matchCriteriaId": "09089CEC-B446-496E-940D-AD4FE4E440ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary0:*:*:*:node.js:*:*",
"matchCriteriaId": "22B740D5-0CF9-45D6-A12A-FE0567276481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary1:*:*:*:node.js:*:*",
"matchCriteriaId": "256B837F-159D-449B-A748-5E4136E17D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary10:*:*:*:node.js:*:*",
"matchCriteriaId": "7091E48E-8CD5-41DB-835F-6A3DC82CC10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary11:*:*:*:node.js:*:*",
"matchCriteriaId": "F074BCE2-16CA-4628-9325-4C1865F71B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary12:*:*:*:node.js:*:*",
"matchCriteriaId": "EC66102A-F2C4-4069-A7D0-CA1E1961B048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary13:*:*:*:node.js:*:*",
"matchCriteriaId": "D9AFF756-AD32-4B69-A3C2-CD77BEEDC30D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary14:*:*:*:node.js:*:*",
"matchCriteriaId": "550CC768-2BFF-41D2-B2A9-6332782FAE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary15:*:*:*:node.js:*:*",
"matchCriteriaId": "65B15DCD-A2F3-445A-85FC-1B35F176FAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary16:*:*:*:node.js:*:*",
"matchCriteriaId": "6923D356-EF15-4747-877B-74F6B5CFC297",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary17:*:*:*:node.js:*:*",
"matchCriteriaId": "2B1A9FB9-9501-4F29-9535-D21387A668DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary18:*:*:*:node.js:*:*",
"matchCriteriaId": "DA2A5F90-BEC1-4588-BFD6-4D095EAB40A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary2:*:*:*:node.js:*:*",
"matchCriteriaId": "061F871B-F0F9-4166-8D97-3A9F6D234AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary3:*:*:*:node.js:*:*",
"matchCriteriaId": "2F375E07-2ACB-4FF1-86C7-D499EEA9BD20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary4:*:*:*:node.js:*:*",
"matchCriteriaId": "4540A878-F057-4371-97C8-B286921E7F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary5:*:*:*:node.js:*:*",
"matchCriteriaId": "F7A5ED68-0BB9-4699-B0F5-C425DC92F8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary6:*:*:*:node.js:*:*",
"matchCriteriaId": "76CD81F2-69D3-47F0-988E-235A16870511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary7:*:*:*:node.js:*:*",
"matchCriteriaId": "74EE714B-8E4F-47A0-9C9C-C3A93810ABB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary8:*:*:*:node.js:*:*",
"matchCriteriaId": "1C2E002A-D038-492A-8B83-F5EF658B56ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vercel:next.js:16.1.0:canary9:*:*:*:node.js:*:*",
"matchCriteriaId": "F369DF32-1EF0-4342-BFEF-CFC0F485D8B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]