Next.js Security Update: December 11, 2025
Next.js / Dec 11, 2025
- DoS via App Router deserialization (CVE-2025-55184)
- Server Functions may leak compiled source (CVE-2025-55183)
- Upgrade to listed patched Next.js versions immediately
Matched posts: 2
Denial of Service and Source Code Exposure in React Server Components
React / Dec 11, 2025
- Upgrade to 19.0.4/19.1.5/19.2.4 immediately
- DoS CVEs: CVE-2025-55184, CVE-2025-67779, CVE-2026-23864
- Source exposure CVE-2025-55183
Previous1 / 1Next