Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Next.js Vulnerability - CVE-2025-55183 - Vulnerability Database
Next.js

Next.js Vulnerability - CVE-2025-55183

Medium
Reference: CVE-2025-55183
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-55183
Title: Next.js Vulnerability
Overview:

An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0 19.0.1 19.1.0 19.1.1 19.1.2 19.2.0 and 19.2.1 including the following packages: react-server-dom-parcel react-server-dom-turbopack and react-server-dom-webpack. A specifically crafted HTTP request sent to a vulnerable Server Function may unsafely return the source code of any Server Function. Exploitation requires the existence of a Server Function which explicitly or implicitly exposes a stringified argument.