From 3106e2a67b903a6500ae059927e3243d8535d0be Mon Sep 17 00:00:00 2001 From: Vercel Date: Sun, 11 Jan 2026 12:56:02 +0000 Subject: [PATCH] Fix React Server Components CVE vulnerabilities Updated dependencies to fix Next.js and React CVE vulnerabilities. The fix-react2shell-next tool automatically updated the following packages to their secure versions: - next - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory. Co-authored-by: Vercel --- frontend/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/package.json b/frontend/package.json index 94ea9e7..dfc8c64 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -46,7 +46,7 @@ "mini-svg-data-uri": "^1.4.4", "monaco-editor": "^0.52.2", "motion": "^12.4.7", - "next": "^15.2.3", + "next": "15.2.8", "next-themes": "^0.4.4", "openai": "^4.82.0", "raw-loader": "^4.0.2",