
Threat Alert: Critical Remote Code Execution in Next.js and React Server Components (CVE-2025-55182)
INFORMATIONAL ONLY
A critical remote code execution (RCE) vulnerability has been discovered in Next.js and React Server Components, identified as CVE-2025-55182, with a CVSS score of 10.0. This vulnerability is being actively exploited in the wild and allows attackers to execute arbitrary commands on vulnerable servers, potentially leading to complete system compromise, data breaches, or service disruption.
Affected Versions
- Next.js versions prior to 15.1.6 and 16.1.0
- React versions 19.0.0 through 19.2.0
- React DOM versions 19.0.0 through 19.2.0
Recommendations:
Organizations should review their application stack to identify if they are using affected versions and prioritize patching accordingly. If affected, immediately update to the following patched versions:
- Next.js 15.1.6 or later, or 16.1.0 or later
- React 19.0.0-rc or later versions
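One way to carry out that review against an npm lockfile, as an added example that is not Quadrant's or the React/Next.js projects' code: it flags react, react-dom and next entries that fall in the affected ranges listed in this alert. The function names and the sample lockfile are constructed for illustration, and the reading of the Next.js range (anything below 15.1.6, plus 16.x below 16.1.0) is an assumption.

```javascript
// Added example: ranges below are transcribed from this alert, not from upstream advisories.
// Assumption: Next.js is affected below 15.1.6, and on the 16.x line below 16.1.0.

// Parse "major.minor.patch"; pre-release tags are ignored, so "19.0.0-rc.1" is
// treated as 19.0.0 and flagged conservatively.
function parseVersion(text) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(text));
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

// Three-way compare of two [major, minor, patch] arrays.
function cmp(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

const inReactRange = (v) => cmp(v, [19, 0, 0]) >= 0 && cmp(v, [19, 2, 0]) <= 0;
// A Map avoids false hits on package names such as "constructor".
const AFFECTED = new Map([
  ['react', inReactRange],
  ['react-dom', inReactRange],
  ['next', (v) => cmp(v, [15, 1, 6]) < 0 || (v[0] === 16 && cmp(v, [16, 1, 0]) < 0)],
]);

function isAffected(name, version) {
  const v = parseVersion(version);
  const check = AFFECTED.get(name);
  return Boolean(v && check && check(v));
}

// Walk the "packages" map of a parsed package-lock.json (lockfileVersion 2 or 3),
// including nested copies such as node_modules/a/node_modules/react.
function findAffected(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = path.split('node_modules/').pop();
    if (isAffected(name, meta.version)) hits.push({ name, version: meta.version, path });
  }
  return hits;
}

// Constructed sample lockfile, not taken from a real project.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0' },
  'node_modules/next': { version: '15.1.5' },
  'node_modules/react': { version: '19.1.0' },
  'node_modules/react-dom': { version: '19.2.1' },
  'node_modules/widget/node_modules/react': { version: '18.3.1' },
} };

console.log(findAffected(SAMPLE_LOCK));
```

To check a real project, pass the parsed contents of its package-lock.json to findAffected; nested copies pulled in by dependencies are reported with their full lockfile path.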
WHAT QUADRANT IS DOING FOR OUR CLIENTS:
Our team of Threat Analysts and Detection Engineers has updated our detections and will continue monitoring for these threat signatures.
Complimentary Vulnerability Scanning:
Our team has already scanned all registered domains that customers have on file with us and reached out to any clients found to be potentially vulnerable to this CVE. However, to assist clients in assessing exposure to this critical vulnerability, Quadrant is offering complimentary vulnerability scanning for your domains. If you are a client and would like us to scan your web applications to determine if they are vulnerable to CVE-2025-55182, please send an email request to your SOC team with:
- Domain name(s) you would like scanned
- Authorization to conduct security testing on these domains
- Preferred contact person for results
We will conduct non-intrusive detection scans and respond, once complete, with our findings.
Additional Resources:
- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-55182
- React Security Advisory: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
- GitHub Advisory: https://github.com/advisories/GHSA-9qr9-h5gf-34mp
- GitHub PoC: https://github.com/l4rm4nd/CVE-2025-55182/tree/main
- Next.js Security Advisory: https://nextjs.org/blog/CVE-2025-66478
