Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints.
CVE-2025-55182 - Meta React Server Components Remote Code Execution Vulnerability
Meta React Server Components has a critical RCE vulnerability (CVE-2025-55182) allowing unauthenticated remote code execution via flawed payload decoding.