Jaye Williams

December 11, 2025

Security Update: Additional Next.js + React Server Components Vulnerabilities (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779)

WordPress VIP continues to monitor and respond to the evolving security issues affecting React Server Components and frameworks that rely on them, including Next.js. Since our earlier advisory, several additional high-severity vulnerabilities have been published. What’s new Newly disclosed issues…

December 4, 2025

Security Advisory: React and Next.js Vulnerabilities (CVE-2025-66478 / CVE-2025-55182)

WordPress VIP is aware of recently disclosed critical vulnerabilities affecting React Server Components and frameworks built on top of them, including Next.js. Summary On December 3, 2025, the React and Next.js teams disclosed critical vulnerabilities: These vulnerabilities could allow unauthorized…