top of page

Critical Vulnerabilities in React and Next.js: everything you need to know

3 december 2025 om 15:57:17

wiz.io

Two critical remote code execution vulnerabilities have been discovered in React and Next.js frameworks. CVE-2025-55182 and CVE-2025-66478 pose significant security risks to applications using these popular JavaScript frameworks. Organizations are strongly advised to apply patches urgently due to the critical nature of these RCE vulnerabilities. The vulnerabilities could allow attackers to execute arbitrary code on affected systems. Wiz recommends immediate detection and mitigation efforts for these high-severity security flaws.

Related links:

https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182

Related CVE's:

CVE-2025-55182CVE-2025-66478

Related threat actors:

No threat actors found in this article

Affected products:

ReactNext.js

IOC's:

No IOCs found in this article

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page