5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-55183

CVE-2025-55183: Source Code Exposure Vulnerability in React Server Components

Impact

There is a source code exposure vulnerability in React Server Components.

React recommends updating immediately.

The vulnerability exists in versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1 of:

These issues are present in the patches published last week.

Patches

Fixes were back ported to versions 19.0.2, 19.1.3, and 19.2.2.

If you are using any of the above packages please upgrade to any of the fixed versions immediately.

If your app’s React code does not use a server, your app is not affected by this vulnerability. If your app does not use a framework, bundler, or bundler plugin that supports React Server Components, your app is not affected by this vulnerability.

References

See the blog post for more information and upgrade instructions.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-55183

CVE-2025-55183:

5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
react-server-dom-parcel	npm	>= 19.0.0, < 19.0.2	19.0.2
react-server-dom-turbopack	npm	>= 19.0.0, < 19.0.2	19.0.2
react-server-dom-webpack	npm	>= 19.0.0, < 19.0.2	19.0.2
react-server-dom-parcel	npm	>= 19.1.0, < 19.1.3	19.1.3
react-server-dom-parcel	npm	>= 19.2.0, < 19.2.2	19.2.2
react-server-dom-turbopack	npm	>= 19.1.0, < 19.1.3	19.1.3
react-server-dom-turbopack	npm	>= 19.2.0, < 19.2.2	19.2.2
react-server-dom-webpack	npm	>= 19.1.0, < 19.1.3	19.1.3
react-server-dom-webpack	npm	>= 19.2.0, < 19.2.2	19.2.2

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-55183: Source Code Exposure Vulnerability in React Server Components

Impact

Patches

References

CVE-2025-55183:

5.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

5.3

5.3

CVE-2025-55183: Source Code Exposure Vulnerability in React Server Components

Impact

Patches

References

Basic Information

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI