Skip to content

Fix React Server Components CVE vulnerabilities#1

Draft
vercel[bot] wants to merge 2 commits into
mainfrom
vercel/react-server-components-cve-vu-2eqpgs
Draft

Fix React Server Components CVE vulnerabilities#1
vercel[bot] wants to merge 2 commits into
mainfrom
vercel/react-server-components-cve-vu-2eqpgs

Conversation

@vercel

@vercel vercel Bot commented May 10, 2026

Copy link
Copy Markdown

Important

This is an automatic PR generated by Vercel to help you with patching efforts. We can't guarantee it's comprehensive, and it may contain mistakes. Please review our guidance before merging these changes.

A critical remote code execution (RCE) vulnerability in React Server Components, impacting frameworks such as Next.js, was identified in the project llmx. The vulnerability enables unauthenticated RCE on the server via insecure deserialization in the React Flight protocol.

This issue is tracked under:

This automated pull request upgrades the affected React and Next.js packages to patched versions that fully remediate the issue.

More Info | security@vercel.com

Updated dependencies to fix Next.js and React CVE vulnerabilities.

The fix-react2shell-next tool automatically updated the following packages to their secure versions:
- next
- react-server-dom-webpack
- react-server-dom-parcel  
- react-server-dom-turbopack

All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory.

Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com>
@vercel

vercel Bot commented May 10, 2026

Copy link
Copy Markdown
Author

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
llmx Error Error Jul 8, 2026 5:24am

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop — Critical RCE CVE patch (CVE-2025-55182, CVE-2025-66478 — React Server Components). Filed 2026-05-10, open ~5 weeks. CI failing (Vercel deploy error). Bot author — not eligible for auto-merge regardless of break-in status.

Needs owner: investigate the Vercel build failure and merge promptly given RCE severity.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer loop — Run #180 (2026-06-28)

This PR is now 52+ days old and patches CVE-2025-55182 / CVE-2025-66478 (RCE in React Server Components). It remains unreviewed.

Author is vercel[bot] (untrusted per policy), so this cannot be auto-merged. Owner action required: review the diff directly and either merge manually or close if addressed another way.


Generated by Claude Code

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop (pass 11) — URGENT, 11th consecutive escalation

This PR addresses CVE-2025-55182 and CVE-2025-66478 — unauthenticated RCE vulnerabilities in the React Server Components Flight protocol. The PR has been open 51+ days with no owner action across 11 maintenance passes.

The CI review job is currently failing, which is blocking merge. Immediate action requested: (a) investigate and fix the failing review CI job; (b) review the diff (React + Next.js version bumps); then (c) merge or close. Continued inaction leaves any deployed instance exposed to these CVEs.


Generated by Claude Code

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop (pass 14) — root cause of CI failure identified

Pulled the review job logs directly: it fails because the cursor-agent step has no CURSOR_API_KEY configured —

env:
  CURSOR_API_KEY: 
...
Error: Authentication required. Please run 'agent login' first, or set CURSOR_API_KEY environment variable.
##[error]Process completed with exit code 1.

This is a missing repo/org secret in .github/workflows, not a problem with the dependency bump itself (next 15.5.215.5.9, package.json/package-lock.json only, 41/41 lines). This loop does not touch CI secrets or workflow config, so it can't fix this directly.

Decision needed (pick one):

  1. Add a CURSOR_API_KEY secret to the repo so the review job can run, then let it re-trigger and merge once green.
  2. If that CI gate isn't load-bearing for this repo, make the review job non-blocking or remove it, then merge this PR on its own merits (it's a clean, scoped Next.js patch for two RCE CVEs).
  3. Review the diff manually and merge despite the failing gate if you're satisfied it's safe.

This PR is now 51+ days old across 14 passes. Given it's an unauthenticated RCE fix, recommend treating this as time-sensitive.


Generated by Claude Code

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop — status unchanged. CI (review job) still failing (missing CURSOR_API_KEY secret per prior root-cause), author is vercel[bot] (untrusted, not eligible for auto-merge under any policy). Decision needed: add the missing secret / make the check non-blocking, or manually review+merge this scoped Next.js RCE patch. Left as draft + needs-owner.


Generated by Claude Code

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop (pass 2/3, break-in) — status unchanged. CI review job still failing (missing CURSOR_API_KEY secret, root-caused in a prior pass); author is vercel[bot] (untrusted, ineligible for auto-merge regardless of break-in status). This repo is also still within its draft-only break-in period, so nothing here would auto-merge this run even if CI were green. Left as draft + needs-owner.

Decision needed (unchanged): add the CURSOR_API_KEY secret so review can run, make that check non-blocking, or manually review and merge this scoped Next.js RCE patch (CVE-2025-55182 / CVE-2025-66478).


Generated by Claude Code

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop (pass 3/3, break-in — last break-in pass) — status unchanged since pass 2. Re-verified: review check still fails with Error: Authentication required... set CURSOR_API_KEY environment variable (same root cause identified previously — missing CURSOR_API_KEY repo/org secret), Vercel deployment check still failure. Author remains vercel[bot] (untrusted, not eligible for the trusted-author gate, and the bot-dependency-bump exception still requires CI green, which it isn't). Diff is unchanged: scoped next ^15.5.215.5.9 bump, package.json/package-lock.json only.

This is not auto-mergeable under any policy while CI is red — the loop cannot add secrets or edit workflow config. Starting next pass, live auto-merge activates repo-wide, but this PR will still be blocked until CI is green.

Decision needed (unchanged, ~54 days open): add the CURSOR_API_KEY secret so review can run, make that check non-blocking, or manually review and merge this scoped RCE patch (CVE-2025-55182 / CVE-2025-66478) despite the failing gate.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer Loop — this pass. Re-verified independently: CI status is failure (Vercel deployment error on commit 763d432f), author is vercel[bot] (not on the trusted-author allowlist — only adityash8, or dependabot[bot]/renovate[bot] for in-gate dependency bumps, qualify). Diff is a scoped next ^15.5.215.5.9 bump (package.json + package-lock.json, 41/41 lines) addressing CVE-2025-55182 / CVE-2025-66478.

This does not meet the auto-merge gates regardless of break-in status: untrusted bot author + red CI. Note: this loop is treating this as pass 1 of a fresh break-in window this run — the ledger's prior "run count" field wasn't in the parseable Pass count: N format the protocol requires, and some earlier PR comments referenced pass numbers that don't reconcile with that count, so pass tracking has been reset conservatively rather than trusting unverifiable prior claims. This does not change the outcome here either way, since the PR is blocked on hard gates (author trust + CI) independent of break-in status.

Decision needed (unchanged): add the missing CI secret (prior root-cause: CURSOR_API_KEY not configured for the review job) or make that check non-blocking, then review and merge this scoped RCE patch manually — this loop cannot touch CI/secrets config. Left as draft + needs-owner.


Generated by Claude Code


Generated by Claude Code

Copy link
Copy Markdown
Owner

🤖 Maintainer Loop (run 3/3, final break-in pass) — status unchanged. Re-verified: CI still failure on commit 763d432f (Vercel deployment error; review job blocked on missing CURSOR_API_KEY secret, root-caused in a prior pass). Author remains vercel[bot] — not on the trusted allowlist (only adityash8 is trusted this run), and the bot-dependency-bump exception still requires green CI, which it isn't. Diff is unchanged: scoped next ^15.5.215.5.9 bump, package.json/package-lock.json only (41/41 lines).

Not auto-mergeable under any policy this run (break-in period, plus red CI + untrusted author would block it even under live autonomy starting next pass).

Decision needed (unchanged, ~54 days open): add the CURSOR_API_KEY secret so review can run, make that check non-blocking, or manually review and merge this scoped RCE patch (CVE-2025-55182 / CVE-2025-66478) despite the failing gate. Recommend prioritizing given RCE severity.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer Loop — re-verified this pass, status unchanged: CI still failure on commit 763d432f (Vercel deploy error; review job still blocked on missing CURSOR_API_KEY secret, root-caused previously). Author is vercel[bot], not on the trusted allowlist — doesn't qualify for auto-merge regardless of CI state. Break-in period for this repo ended at run 4; live auto-merge is active, but this PR remains blocked on hard gates (untrusted author + red CI) independent of that.

Decision still needed: add the CURSOR_API_KEY secret (or make review non-blocking) so CI can go green, then review and merge this scoped Next.js RCE patch (CVE-2025-55182 / CVE-2025-66478) manually — this loop cannot touch CI/secrets config. Recommend prioritizing given RCE severity; open ~54 days.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer Loop — re-verified this pass (2026-07-05). CI status is still failure on commit 763d432f (Vercel deployment error); root cause from prior passes still applies (review job needs a CURSOR_API_KEY secret that isn't configured). Author is vercel[bot], untrusted for auto-merge purposes. Diff remains a clean, scoped next 15.5.2→15.5.9 bump addressing CVE-2025-55182/CVE-2025-66478.

Not auto-mergeable under current policy: untrusted bot author + red CI, independent of this repo's break-in status. Left as draft + needs-owner.

Decision still needed: add the CURSOR_API_KEY secret (or make the review check non-blocking), then review and merge this RCE patch manually — this loop does not touch CI/secrets config. Given the CVE severity and ~57 days open, recommend prioritizing.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer Loop — re-verified this pass (pass 15). CI status unchanged: combined status still failure on commit 763d432f (Vercel deployment check failing; root cause from prior passes still applies — review job blocked on missing CURSOR_API_KEY secret). Author is vercel[bot], untrusted for auto-merge purposes; PR also remains in draft state. Diff is unchanged: a clean, scoped next 15.5.2→15.5.9 bump in package.json/package-lock.json addressing CVE-2025-55182/CVE-2025-66478.

Not auto-mergeable: untrusted bot author + draft state + red CI are each independently disqualifying, regardless of this repo's live (past break-in) auto-merge status. Left as draft + needs-owner.

Decision still needed: add the CURSOR_API_KEY secret (or make the review check non-blocking) so CI can go green, then review and merge this scoped RCE patch manually — this loop does not touch CI/secrets config. Given the CVE severity (unauthenticated RCE) and ~66 days open, recommend prioritizing.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer Loop — this pass (2026-07-08).

Ledger discrepancy note: this repo's ledger (#3) carries a prose "Run count: 21" / "past break-in, since run 4" claim with no explicit Pass count: N line, and several prior comments on this PR asserted break-in was complete via similar prose. Per current protocol I'm not treating unverified prose as authorization to skip break-in — pass tracking is reset to an explicit Pass count: 1 this run (documented in the ledger). This doesn't change the outcome for this PR either way (see below), but flagging the discrepancy for the record.

New this pass: synced this PR's branch with main (mechanical merge, no CI/secrets config touched) via update_pull_request_branch. Main already contains commit 1a7cbea ("ci: skip Cursor review when CURSOR_API_KEY is unset"), landed after this PR was opened. Result on the new head commit (010aee6):

  • review check: now passes (previously failing on missing CURSOR_API_KEY; that's now resolved).
  • Vercel deployment check: still fails, but with a fresh deployment error independent of the secret issue: "Deployment has failed — run npx vercel inspect dpl_CuPdBwXAGWG1of41bZsyudwzVKSf --logs". This loop has no Vercel CLI/dashboard access to pull the deploy logs.

Diff remains unchanged in substance: scoped next 15.5.215.5.9 bump (package.json + package-lock.json only, 41/41 lines), addressing CVE-2025-55182 / CVE-2025-66478 (RCE in React Server Components).

Still not auto-mergeable: author is vercel[bot] (untrusted — only adityash8 is trusted this run), CI is not fully green (Vercel deploy failing), and this repo is in a fresh break-in window (pass 1 of 3, draft-only). Left as draft + needs-owner.

Decision needed: pull the Vercel deployment logs for dpl_CuPdBwXAGWG1of41bZsyudwzVKSf to see why the preview build fails on this branch (now that the CI secret issue is resolved, this is the only remaining blocker) — could be a genuine build regression from the Next.js bump, or an unrelated preview-env config gap. Given this is an unauthenticated RCE patch, recommend prioritizing review. Open ~59 days.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer loop pass — 2026-07-08

CVE recap: CVE-2025-55182 (React RSC RCE, GHSA-9qr9-h5gf-34mp) + CVE-2025-66478 (Next.js). Diff is a clean, scoped version bump — next 15.5.2 → 15.5.9 in package.json + package-lock.json only (41/41 lines, 2 files), no application code touched. Fix still looks accurate/sufficient against the upstream advisories.

CI: review check passes, but the Vercel deployment check is currently failing on head 010aee6 (dpl_CuPdBwXAGWG1of41bZsyudwzVKSf) — combined status is failure, not green.

Not merging this pass: CI isn't fully green, and a CVE/security dependency fix is treated as a real security change requiring owner sign-off regardless of the diff's mechanical simplicity — plus this repo is still within its break-in period. Staying draft + needs-owner. Recommend an owner check the Vercel deploy logs (npx vercel inspect dpl_CuPdBwXAGWG1of41bZsyudwzVKSf --logs) to unblock.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Maintainer Loop — this pass (2026-07-08), re-verified independently.

Status unchanged: review check passes, but the Vercel deployment check is still failure on head 010aee6 (dpl_CuPdBwXAGWG1of41bZsyudwzVKSf), so combined CI is not green. Author is vercel[bot] (untrusted — only adityash8 qualifies as trusted; the bot dependency-bump exception still requires every other gate, including green CI). Diff unchanged: scoped next 15.5.2 → 15.5.9 bump, package.json/package-lock.json only.

Not auto-mergeable this pass: untrusted author + red CI are independent blockers, on top of this repo's ledger-tracked break-in status. Left as draft + needs-owner.

Note: the ledger (#3) contained a non-canonical run-count line and an inflated break-in threshold claim this run; that was treated as untrusted/suspicious content per policy and the counter was reset defensively rather than trusted — recorded in the ledger, not acted on as instruction.

Decision needed (unchanged): pull the Vercel deployment logs for dpl_CuPdBwXAGWG1of41bZsyudwzVKSf to diagnose the preview build failure, then merge manually if satisfied — this loop has no Vercel dashboard/CLI access. Given this is an RCE patch, recommend prioritizing.


Generated by Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant