A critical vulnerability in React Server Components allows unauthenticated remote code execution. The flaw was found by New Zealand-based security researcher Lachlan Davidson and has a high impact on thousands of applications built on the React and Next.js frameworks. It stems from unsafe deserialization of Flight payloads returned by React components on the server, and because no authentication is required, a remote attacker could compromise the system.
Davidson disclosed the vulnerability to Meta on November 29, 2022. Meta originally developed and open-sourced the JavaScript library and, in October 2025, moved its governance to the React Foundation. The vulnerability has been patched in all key affected npm packages: react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. The impacted versions are 19.0, 19.1.0, 19.1.1 and 19.2.0.
Nature of the Vulnerability
The root cause of this vulnerability is the way the React Flight protocol handles deserialized payloads: unsafe deserialization can lead to arbitrary code execution on the server. The CVE allows bad actors to remotely deliver specially crafted, invalid HTTP requests; because these requests are not sanitized, their harmful scripted payloads can directly control server-side execution.
“Malformed or adversarial payloads can influence server-side execution in unintended ways.” – Aikido
The implications of this flaw are severe. An attacker needs only network access to send a crafted request to any of the Server Function endpoints. This could then allow unauthorized actions to be taken on the server. This is a dangerous capability. More than 968,000 servers that support applications built on popular frameworks including React and Next.js have been flagged as vulnerable.
“An attacker needs only network access to send a crafted HTTP request to any Server Function endpoint.” – Endor Labs
What’s worse, according to reports, 39% of cloud environments have at least one instance vulnerable to CVE-2025-55182 and/or CVE-2025-66478. This makes for a very profitable attack surface for bad actors targeting exposed applications.
Recommended Mitigations
Given the nature of this vulnerability, anyone running impacted systems must act swiftly. The React team has released patches fixing the issue in versions 19.0.1, 19.1.2, and 19.2.1. Until these patches are fully applied across all systems, security experts recommend deploying Web Application Firewall (WAF) rules where available.
Beyond the above, we highly encourage users to continuously monitor the HTTP traffic going to Server Function endpoints and look for unusual or malformed requests. Temporarily limiting network access to impacted applications also lessens exposure while permanent fixes are rolled out.
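The first step above, patching, depends on knowing which copies of the affected packages an application actually ships. The following is an added example, not code from the article or the React project: it scans an npm lockfile for the three react-server-dom-* packages named above and flags any version below the fixed release on the same 19.x line (19.0.1, 19.1.2, 19.2.1). The sample lockfile is constructed for illustration.

```javascript
// Added example (not from the article or the React project): flag vulnerable
// react-server-dom-* versions in an npm lockfile. Sample lockfile is constructed.
const AFFECTED_PACKAGES = [
  "react-server-dom-webpack",
  "react-server-dom-parcel",
  "react-server-dom-turbopack",
];
// Fixed release per affected 19.x minor line: 19.0.1, 19.1.2, 19.2.1.
const FIXED_PATCH_BY_MINOR = { 0: 1, 1: 2, 2: 1 };

// Parse "MAJOR.MINOR.PATCH[-prerelease]"; returns null for anything else.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(v);
  if (!m) return null;
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] || null };
}

// Classify one installed version of an affected package.
function classifyVersion(version) {
  const p = parseVersion(version);
  if (!p) return "unparseable";
  if (p.major !== 19 || !(p.minor in FIXED_PATCH_BY_MINOR)) return "not in stated range";
  // Canary/prerelease builds are not covered by the article's version list.
  if (p.pre) return "prerelease: review manually";
  return p.patch < FIXED_PATCH_BY_MINOR[p.minor] ? "vulnerable" : "patched";
}

// Walk a lockfile v2/v3 "packages" map; keys look like "node_modules/<name>"
// or "node_modules/<parent>/node_modules/<name>" for nested copies.
function scanLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    const name = path.split("node_modules/").pop();
    if (!AFFECTED_PACKAGES.includes(name) || !entry.version) continue;
    findings.push({ path, name, version: entry.version, status: classifyVersion(entry.version) });
  }
  return findings;
}

// Constructed sample: one vulnerable top-level copy, one patched, one nested vulnerable copy.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app" },
    "node_modules/react-server-dom-webpack": { version: "19.2.0" },
    "node_modules/react-server-dom-turbopack": { version: "19.1.2" },
    "node_modules/next/node_modules/react-server-dom-parcel": { version: "19.0.0" },
  },
};
for (const f of scanLockfile(SAMPLE_LOCK)) console.log(`${f.status.padEnd(12)} ${f.name}@${f.version} (${f.path})`);
```

To run it against a real project, replace SAMPLE_LOCK with JSON.parse of the project's package-lock.json; nested copies under other dependencies are reported separately because each one must be updated.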
“Even if your app does not implement any React Server Function endpoints, it may still be vulnerable if your app supports React Server Components.” – The React Team
According to Upwind researchers Avital Harel and Guy Gilad, “These endpoints accept structured Flight payloads directly from the browser.” This underlines the need for developers and administrators to take care in protecting their applications from exploitation.
Expert Insights
Security experts have drawn attention to how this particular vulnerability operates. Justin Moore describes it as the equivalent of a “master key exploit”: it succeeds not by bringing down infrastructure but by abusing the trust placed in incoming data formats, for example to inject malware or backdoors.
“This newly discovered flaw is a critical threat because it is a master key exploit, succeeding not by crashing the system, but by abusing its trust in incoming data structures.” – Justin Moore
Moore adds that the system executes malicious payloads just as dependably as it runs valid code: it behaves exactly as it should, only on toxic input.
“The system executes the malicious payload with the same reliability as legitimate code because it operates exactly as intended, but on malicious input.” – Justin Moore
This vulnerability is currently being actively researched by OX Security and Upwind researchers. They’ve published public reports that detail its implications and the risks of its exploitation.