CVE-2025-55184 — CVSS 7.5 (high): A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2…
CVE-2025-67779 — CVSS 7.5 (high): It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service…
CVE-2026-23864 — CVSS 7.5 (high): Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel…
CVE-2018-6341 — CVSS 6.1 (medium): React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That…
CVE-2025-55183 — CVSS 5.3 (medium): An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1…