{"uuid": "fe0059d8-6b86-4e56-99cf-a4411838fa90", "vulnerability": {"vulnId": "CVE-2025-55182", "altId": []}, "gcve": {"origin_uuid": "cce329bf-df49-4c6e-a027-80be2e6483bd", "gna": 1, "object_uuid": "fe0059d8-6b86-4e56-99cf-a4411838fa90"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2026-04-08T00:00:00+00:00"}, "timestamps": {"asserted_at": "2026-04-08T00:00:00+00:00", "recorded_at": "2026-06-05T17:04:13+00:00", "first_seen_at": "2026-04-08T00:00:00+00:00"}, "scope": {"notes": "Affected: Meta / React Server Components | Description: Flaw in how React decodes payloads sent to React Server Function endpoints enabled unauthenticated remote code execution. Apps supporting React Server Components may still be vulnerable even if not implementing any React Server Function endpoints. | Exploitation type: APT | Threat actors: unknown | Origin source: cnw | Notes: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components#update-instructions"}, "evidence": [{"type": "csirt_report", "source": "enisa-cnw-kev", "signal": "successful_exploitation", "confidence": 0.75, "details": {"cwes": "-", "euvd": "EUVD-2025-2009839", "notes": "https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components#update-instructions", "catalog": "ENISA / EU CSIRTs Network (CNW) KEV JSON", "product": "React Server Components", "dateReported": "2026/04/08", "originSource": "cnw", "vendorProject": "Meta", "exploitationType": "APT", "vulnerabilityName": "-", "threatActorsExploiting": "unknown"}}], "references": [{"id": "CVE-2025-55182", "url": "https://www.cve.org/CVERecord?id=CVE-2025-55182"}, {"id": "EUVD-2025-2009839", "url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-2009839"}, {"id": "source", "url": "https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components#update-instructions"}]}