Search criteria
14 vulnerabilities
CVE-2026-23870 (GCVE-0-2026-23870)
Vulnerability from cvelistv5 – Published: 2026-05-06 16:24 – Updated: 2026-05-06 19:06
VLAI?
Summary
A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive CPU usage; affecting the following packages: react-server-dom-webpack, react-server-dom-parcel, react-server-dom-turbopack (versions 19.0.0 through 19.0.5, 19.1.0 through 19.1.6, and 19.2.0 through 19.2.5).
Severity ?
7.5 (High)
CWE
- (CWE-502) Deserialization of Untrusted Data, (CWE-400) Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-turbopack |
Affected:
19.0.0 , ≤ 19.0.5
(semver)
Affected: 19.1.0 , ≤ 19.1.6 (semver) Affected: 19.2.0 , ≤ 19.2.5 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23870",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T19:03:16.700440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T19:06:00.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.5",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.6",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.5",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.5",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.6",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.5",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.5",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.6",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.5",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2026-05-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive CPU usage; affecting the following packages: react-server-dom-webpack, react-server-dom-parcel, react-server-dom-turbopack (versions 19.0.0 through 19.0.5, 19.1.0 through 19.1.6, and 19.2.0 through 19.2.5)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "(CWE-502) Deserialization of Untrusted Data, (CWE-400) Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T16:24:55.620Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/facebook/react/security/advisories/GHSA-rv78-f8rc-xrxh"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23870",
"datePublished": "2026-05-06T16:24:55.620Z",
"dateReserved": "2026-01-16T19:49:26.309Z",
"dateUpdated": "2026-05-06T19:06:00.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23866 (GCVE-0-2026-23866)
Vulnerability from cvelistv5 – Published: 2026-05-01 16:02 – Updated: 2026-05-01 17:42
VLAI?
Summary
Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device, including triggering OS-controlled custom URL scheme handlers. We have not seen evidence of exploitation in the wild.
Severity ?
CWE
- Improper Verification of Source of a Communication Channel (CWE-940)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| WhatsApp for Android |
Affected:
2.25.8.0 , < 2.26.7.10
(semver)
|
||||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23866",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-01T17:41:43.060585Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-940",
"description": "CWE-940 Improper Verification of Source of a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-01T17:42:09.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WhatsApp for Android",
"vendor": "Facebook",
"versions": [
{
"lessThan": "2.26.7.10",
"status": "affected",
"version": "2.25.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WhatsApp for iOS",
"vendor": "Facebook",
"versions": [
{
"lessThan": "2.26.15.72",
"status": "affected",
"version": "2.25.8.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2026-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Incomplete validation of AI rich response messages for Instagram Reels in WhatsApp for iOS v2.25.8.0 to v2.26.15.72 and WhatsApp for Android v2.25.8.0 to v2.26.7.10 could have allowed a user to trigger processing of media content from an arbitrary URL on another user\u2019s device, including triggering OS-controlled custom URL scheme handlers. We have not seen evidence of exploitation in the wild."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Verification of Source of a Communication Channel (CWE-940)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-01T16:10:25.306Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2026-23866"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.whatsapp.com/security/advisories/2026"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23866",
"datePublished": "2026-05-01T16:02:03.304Z",
"dateReserved": "2026-01-16T19:49:26.309Z",
"dateUpdated": "2026-05-01T17:42:09.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23863 (GCVE-0-2026-23863)
Vulnerability from cvelistv5 – Published: 2026-05-01 16:01 – Updated: 2026-05-01 17:41
VLAI?
Summary
An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of exploitation in the wild.
Severity ?
CWE
- Improper Neutralization of Null Byte or NUL Character (CWE-158)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WhatsApp Desktop for Windows |
Affected:
2.3000.*.252500 , < 2.3000.1032164386.258709
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-01T17:40:45.569668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-158",
"description": "CWE-158 Improper Neutralization of Null Byte or NUL Character",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-01T17:41:14.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WhatsApp Desktop for Windows",
"vendor": "Facebook",
"versions": [
{
"lessThan": "2.3000.1032164386.258709",
"status": "affected",
"version": "2.3000.*.252500",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of exploitation in the wild."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Neutralization of Null Byte or NUL Character (CWE-158)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-01T16:15:38.171Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2026-23863"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.whatsapp.com/security/advisories/2026"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23863",
"datePublished": "2026-05-01T16:01:39.565Z",
"dateReserved": "2026-01-16T19:49:26.308Z",
"dateUpdated": "2026-05-01T17:41:14.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23869 (GCVE-0-2026-23869)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:11 – Updated: 2026-06-30 12:06
VLAI?
Summary
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack (versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4). The vulnerability is triggered by sending specially crafted HTTP requests to Server Function endpoints.The payload of the HTTP request causes excessive CPU usage for up to a minute ending in a thrown error that is catchable.
Severity ?
7.5 (High)
CWE
- (CWE-502) Deserialization of Untrusted Data, (CWE-400) Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-turbopack |
Affected:
19.0.0 , ≤ 19.0.4
(semver)
Affected: 19.1.0 , ≤ 19.1.5 (semver) Affected: 19.2.0 , ≤ 19.2.4 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T19:55:33.314236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:56:22.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
}
],
"datePublic": "2026-04-08T19:11:08.418Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack. Specially crafted HTTP requests to server function endpoints can result in an excessive consumption of CPU resources for up to a minute, causing an error that is catchable."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:06:42.728Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-23869"
},
{
"name": "RHBZ#2456663",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456663"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23869.json"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-08T20:01:00.803Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-08T19:11:08.418Z",
"value": "Made public."
}
],
"title": "react-server-dom-parcel: react-server-dom-turbopack: react-server-dom-webpack: denial of service via specially crafted HTTP requests to Server Function endpoints",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.4",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.5",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.4",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.4",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.5",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.4",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.4",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.5",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.4",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2026-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack (versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4). The vulnerability is triggered by sending specially crafted HTTP requests to Server Function endpoints.The payload of the HTTP request causes excessive CPU usage for up to a minute ending in a thrown error that is catchable."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "(CWE-502) Deserialization of Untrusted Data, (CWE-400) Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:11:08.418Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/facebook/react/security/advisories/GHSA-479c-33wc-g2pg"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23869",
"datePublished": "2026-04-08T19:11:08.418Z",
"dateReserved": "2026-01-16T19:49:26.309Z",
"dateUpdated": "2026-06-30T12:06:42.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23868 (GCVE-0-2026-23868)
Vulnerability from cvelistv5 – Published: 2026-03-10 18:53 – Updated: 2026-06-30 03:17
VLAI?
Summary
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
Severity ?
5.1 (Medium)
CWE
- CWE-415 - Double Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-23868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T15:44:19.761510Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T15:44:58.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1",
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1",
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CRB (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-10T18:53:25.606Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in giflib. This double-free vulnerability, caused by a shallow copy in GifMakeSavedImage and incorrect error handling, may allow an attacker to corrupt memory. While difficult to trigger, successful exploitation could potentially lead to arbitrary code execution or a denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T03:17:36.272Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-23868"
},
{
"name": "RHBZ#2446207",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446207"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23868.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8883"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9290"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8858"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19154"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8861"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8884"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8885"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8887"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8886"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9291"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9292"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9295"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9294"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8859"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19367"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25096"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19724"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19725"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16008"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16030"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16009"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16174"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:8883: Red Hat Enterprise Linux Server (v. 7 ELS), Red Hat Enterprise Linux Server Optional (v. 7 ELS)"
},
{
"lang": "en",
"value": "RHSA-2026:9290: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8858: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19154: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:8861: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:8884: Red Hat Enterprise Linux AppStream AUS (v. 8.2)"
},
{
"lang": "en",
"value": "RHSA-2026:8885: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:8887: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8886: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:9291: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:9292: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:9295: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:9294: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8859: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19367: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:25096: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:19724: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:19725: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:16008: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:16030: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:16009: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:16174: Red Hat AI Inference Server 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-10T20:01:10.215Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-10T18:53:25.606Z",
"value": "Made public."
}
],
"title": "giflib: Giflib: Double-free vulnerability leading to memory corruption",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "giflib",
"vendor": "giflib",
"versions": [
{
"lessThanOrEqual": "6.1.1",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2026-03-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-415: Double Free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T18:53:25.606Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2026-23868"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23868",
"datePublished": "2026-03-10T18:53:25.606Z",
"dateReserved": "2026-01-16T19:49:26.309Z",
"dateUpdated": "2026-06-30T03:17:36.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23865 (GCVE-0-2026-23865)
Vulnerability from cvelistv5 – Published: 2026-03-02 16:09 – Updated: 2026-03-04 00:16
VLAI?
Summary
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.
Severity ?
CWE
- CWE-125 - Out of Bounds Read
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T16:25:34.989518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T16:26:15.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-03-04T00:16:54.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/03/03/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "FreeType",
"vendor": "FreeType",
"versions": [
{
"lessThanOrEqual": "2.13.3",
"status": "affected",
"version": "2.13.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.14.1",
"status": "affected",
"version": "2.14.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2026-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out of Bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T16:09:42.079Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2026-23865"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gitlab.com/freetype/freetype/-/commit/fc85a255849229c024c8e65f536fe1875d84841c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/projects/freetype/files/freetype2/2.14.2/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23865",
"datePublished": "2026-03-02T16:09:42.079Z",
"dateReserved": "2026-01-16T19:49:26.309Z",
"dateUpdated": "2026-03-04T00:16:54.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23864 (GCVE-0-2026-23864)
Vulnerability from cvelistv5 – Published: 2026-01-26 19:16 – Updated: 2026-07-03 12:04
VLAI?
Summary
Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack.
The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints, and could lead to server crashes, out-of-memory exceptions or excessive CPU usage; depending on the vulnerable code path being exercised, the application configuration and application code.
Strongly consider upgrading to the latest package versions to reduce risk and prevent availability issues in applications using React Server Components.
Severity ?
7.5 (High)
CWE
- (CWE-502): Deserialization of Untrusted Data. (CWE-400): Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-webpack |
Affected:
19.0.0 , < 19.0.4
(semver)
Affected: 19.1.0 , < 19.1.5 (semver) Affected: 19.2.0 , < 19.2.4 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-23864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-26T20:26:03.428817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T20:26:45.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:amq_streams:2.9::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 2.9.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3.2::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 3.2.0",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-26T19:16:38.250Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T12:04:51.558Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-23864"
},
{
"name": "RHBZ#2433059",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23864.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
},
{
"lang": "en",
"value": "RHSA-2026:13571: Streams for Apache Kafka 3.2.0"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-26T20:01:54.396Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-26T19:16:38.250Z",
"value": "Made public."
}
],
"title": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThan": "19.0.4",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThan": "19.1.5",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThan": "19.2.4",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThan": "19.0.4",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThan": "19.1.5",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThan": "19.2.4",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThan": "19.0.4",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThan": "19.1.5",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThan": "19.2.4",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack.\n\nThe vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints, and could lead to server crashes, out-of-memory exceptions or excessive CPU usage; depending on the vulnerable code path being exercised, the application configuration and application code.\n\nStrongly consider upgrading to the latest package versions to reduce risk and prevent availability issues in applications using React Server Components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "(CWE-502): Deserialization of Untrusted Data. (CWE-400): Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T19:16:38.250Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2026-23864"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2026-23864",
"datePublished": "2026-01-26T19:16:38.250Z",
"dateReserved": "2026-01-16T19:49:26.309Z",
"dateUpdated": "2026-07-03T12:04:51.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-67779 (GCVE-0-2025-67779)
Vulnerability from cvelistv5 – Published: 2025-12-11 23:36 – Updated: 2025-12-12 18:40
VLAI?
Summary
It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads from HTTP requests to Server Function endpoints. This can cause an infinite loop that hangs the server process and may prevent future HTTP requests from being served.
Severity ?
7.5 (High)
CWE
- (CWE-502) Deserialization of Untrusted Data, (CWE-400) Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-parcel |
Affected:
19.0.2 , ≤ 19.0.2
(semver)
Affected: 19.1.3 , ≤ 19.1.3 (semver) Affected: 19.2.2 , ≤ 19.2.2 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-12T18:39:24.796538Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T18:40:45.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.2",
"status": "affected",
"version": "19.0.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.3",
"status": "affected",
"version": "19.1.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.2",
"status": "affected",
"version": "19.2.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.2",
"status": "affected",
"version": "19.0.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.3",
"status": "affected",
"version": "19.1.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.2",
"status": "affected",
"version": "19.2.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.2",
"status": "affected",
"version": "19.0.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.3",
"status": "affected",
"version": "19.1.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.2",
"status": "affected",
"version": "19.2.2",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads from HTTP requests to Server Function endpoints. This can cause an infinite loop that hangs the server process and may prevent future HTTP requests from being served."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "(CWE-502) Deserialization of Untrusted Data, (CWE-400) Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T23:36:20.699Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-67779"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-67779",
"datePublished": "2025-12-11T23:36:20.699Z",
"dateReserved": "2025-12-11T22:58:08.827Z",
"dateUpdated": "2025-12-12T18:40:45.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55184 (GCVE-0-2025-55184)
Vulnerability from cvelistv5 – Published: 2025-12-11 20:05 – Updated: 2025-12-15 16:37
VLAI?
Summary
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints, which can cause an infinite loop that hangs the server process and may prevent future HTTP requests from being served.
Severity ?
7.5 (High)
CWE
- (CWE-502) Deserialization of Untrusted Data. (CWE-400) Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-webpack |
Affected:
19.0.0 , ≤ 19.0.1
(semver)
Affected: 19.1.0 , ≤ 19.1.2 (semver) Affected: 19.2.0 , ≤ 19.2.1 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55184",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-15T16:36:27.831763Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T16:37:06.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KingHacker353/CVE-2025-55184"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.1",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.1",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.1",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.1",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.1",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.1",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-12-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints, which can cause an infinite loop that hangs the server process and may prevent future HTTP requests from being served."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "(CWE-502) Deserialization of Untrusted Data. (CWE-400) Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T20:11:26.262Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-55184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-55184",
"datePublished": "2025-12-11T20:05:01.328Z",
"dateReserved": "2025-08-08T18:21:47.119Z",
"dateUpdated": "2025-12-15T16:37:06.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55183 (GCVE-0-2025-55183)
Vulnerability from cvelistv5 – Published: 2025-12-11 20:04 – Updated: 2026-01-07 16:26
VLAI?
Summary
An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. A specifically crafted HTTP request sent to a vulnerable Server Function may unsafely return the source code of any Server Function. Exploitation requires the existence of a Server Function which explicitly or implicitly exposes a stringified argument.
Severity ?
5.3 (Medium)
CWE
- (CWE-502) Deserialization of Untrusted Data. (CWE-497) Exposure of Sensitive System Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-webpack |
Affected:
19.0.0 , ≤ 19.0.1
(semver)
Affected: 19.1.0 , ≤ 19.1.2 (semver) Affected: 19.2.0 , ≤ 19.2.1 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55183",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T16:24:47.971492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:26:47.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.1",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.1",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.1",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.1",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.1",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.2",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.1",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-12-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. A specifically crafted HTTP request sent to a vulnerable Server Function may unsafely return the source code of any Server Function. Exploitation requires the existence of a Server Function which explicitly or implicitly exposes a stringified argument."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "(CWE-502) Deserialization of Untrusted Data. (CWE-497) Exposure of Sensitive System Information to an Unauthorized Actor",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T20:09:32.286Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-55183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-55183",
"datePublished": "2025-12-11T20:04:48.655Z",
"dateReserved": "2025-08-08T18:21:47.119Z",
"dateUpdated": "2026-01-07T16:26:47.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55182 (GCVE-0-2025-55182)
Vulnerability from cvelistv5 – Published: 2025-12-03 15:40 – Updated: 2026-02-26 16:57
VLAI?
Summary
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
Severity ?
10 (Critical)
CWE
- Deserialization of Untrusted Data (CWE-502)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Meta | react-server-dom-webpack |
Affected:
19.0.0 , ≤ 19.0.0
(semver)
Affected: 19.1.0 , ≤ 19.1.1 (semver) Affected: 19.2.0 , ≤ 19.2.0 (semver) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55182",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-06T04:55:43.783137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-12-05",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-55182"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:36.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"media-coverage"
],
"url": "https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-55182"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-05T00:00:00.000Z",
"value": "CVE-2025-55182 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-12-04T17:32:12.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/12/03/4"
},
{
"url": "https://news.ycombinator.com/item?id=46136026"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "react-server-dom-webpack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.0",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.1",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.0",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-turbopack",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.0",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.1",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.0",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "react-server-dom-parcel",
"vendor": "Meta",
"versions": [
{
"lessThanOrEqual": "19.0.0",
"status": "affected",
"version": "19.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.1.1",
"status": "affected",
"version": "19.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "19.2.0",
"status": "affected",
"version": "19.2.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Deserialization of Untrusted Data (CWE-502)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T20:15:37.699Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-55182"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-55182",
"datePublished": "2025-12-03T15:40:56.894Z",
"dateReserved": "2025-08-08T18:21:47.119Z",
"dateUpdated": "2026-02-26T16:57:36.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55181 (GCVE-0-2025-55181)
Vulnerability from cvelistv5 – Published: 2025-12-02 22:13 – Updated: 2025-12-03 00:33
VLAI?
Summary
Sending an HTTP request/response body with greater than 2^31 bytes triggers an infinite loop in proxygen::coro::HTTPQuicCoroSession which blocks the backing event loop and unconditionally appends data to a std::vector per-loop iteration. This issue leads to unbounded memory growth and eventually causes the process to run out of memory.
Severity ?
5.3 (Medium)
CWE
- Excessive Iteration (CWE-834)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-03T00:33:16.510713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-834",
"description": "CWE-834 Excessive Iteration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T00:33:57.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "proxygen",
"vendor": "Facebook",
"versions": [
{
"lessThanOrEqual": "v2025.12.01.00",
"status": "affected",
"version": "v2025.08.25.00",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-12-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sending an HTTP request/response body with greater than 2^31 bytes triggers an infinite loop in proxygen::coro::HTTPQuicCoroSession which blocks the backing event loop and unconditionally appends data to a std::vector per-loop iteration. This issue leads to unbounded memory growth and eventually causes the process to run out of memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Excessive Iteration (CWE-834)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T22:13:31.101Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-55181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/facebook/proxygen/commit/17689399ef99b7c3d3a8b2b768b1dba1a4b72f8f"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-55181",
"datePublished": "2025-12-02T22:13:31.101Z",
"dateReserved": "2025-08-08T18:21:47.119Z",
"dateUpdated": "2025-12-03T00:33:57.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55179 (GCVE-0-2025-55179)
Vulnerability from cvelistv5 – Published: 2025-11-18 13:56 – Updated: 2025-11-18 14:25
VLAI?
Summary
Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen evidence of exploitation in the wild.
Severity ?
CWE
- Incorrect Authorization (CWE-863)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| WhatsApp Business for iOS |
Affected:
2.25.8.14 , < 2.25.23.82
(semver)
|
|||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55179",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T14:22:05.852548Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T14:25:08.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WhatsApp Business for iOS",
"vendor": "Facebook",
"versions": [
{
"lessThan": "2.25.23.82",
"status": "affected",
"version": "2.25.8.14",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WhatsApp for iOS",
"vendor": "Facebook",
"versions": [
{
"lessThan": "2.25.23.73",
"status": "affected",
"version": "2.25.8.17",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WhatsApp Desktop for Mac",
"vendor": "Facebook",
"versions": [
{
"lessThan": "2.25.23.83",
"status": "affected",
"version": "2.25.8.14",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-11-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user\u2019s device. We have not seen evidence of exploitation in the wild."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Authorization (CWE-863)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T13:56:31.598Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-55179"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.whatsapp.com/security/advisories/2025/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-55179",
"datePublished": "2025-11-18T13:56:31.598Z",
"dateReserved": "2025-08-08T18:21:47.119Z",
"dateUpdated": "2025-11-18T14:25:08.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55178 (GCVE-0-2025-55178)
Vulnerability from cvelistv5 – Published: 2025-09-24 18:31 – Updated: 2025-09-24 18:50
VLAI?
Summary
Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution.
Severity ?
5.3 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Meta Platforms, Inc | Llama Stack |
Affected:
0.0.0 , < 0.2.20
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-55178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-24T18:49:33.013687Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T18:50:01.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Llama Stack",
"vendor": "Meta Platforms, Inc",
"versions": [
{
"lessThan": "0.2.20",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"dateAssigned": "2025-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T18:31:28.309Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "Meta"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2025-55178"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/llamastack/llama-stack/pull/3281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "Meta",
"cveId": "CVE-2025-55178",
"datePublished": "2025-09-24T18:31:28.309Z",
"dateReserved": "2025-08-08T18:21:47.119Z",
"dateUpdated": "2025-09-24T18:50:01.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}