turbo

d29bb06c - fix: React Server Components CVE vulnerabilities (#11245)

fix: React Server Components CVE vulnerabilities (#11245) > [!IMPORTANT] > This is an automatic PR generated by Vercel to help you patch known vulnerabilities related to CVE-2025-55182 (React2Shell), CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779. We can't guarantee the PR is comprehensive, and it may contain mistakes. Not all projects are affected by all issues, but **patched versions are required to ensure full remediation**. Vercel has deployed WAF mitigations globally to help protect your application, but upgrading remains required for complete protection. This automated pull request updates your React, Next.js, and related Server Components packages to versions that fix **all currently known React Server Components vulnerabilities**, including the two newly discovered issues. See our [Security Bulletins](https://vercel.com/kb/bulletin/) for more information and reach out to security@vercel.com with any questions. Fixes VULN-3312 --------- Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com> Co-authored-by: Anthony Shew <anthonyshew@gmail.com>