normie3000 9 hours ago This looks to be the same as the React RCE (https://news.ycombinator.com/item?id=46136026) but presumably it was NextJS's fault all along. gcr 8 hours ago If anything, it’s exactly the opposite embedding-shape 8 hours ago > but presumably it was NextJS's fault all along.So lazy, why are you presuming so? You just had to get to the second paragraph of the article to avoid spewing FUD...> This vulnerability originates in the upstream React implementation (CVE-2025-55182 tom1337 8 hours ago They are probably referring to Vercel playing a big part in the implementation of RSC and may be the ones who made that mistakes. Is it possible? Yes. Are there and sources for that take? None I could find.
embedding-shape 8 hours ago > but presumably it was NextJS's fault all along.So lazy, why are you presuming so? You just had to get to the second paragraph of the article to avoid spewing FUD...> This vulnerability originates in the upstream React implementation (CVE-2025-55182 tom1337 8 hours ago They are probably referring to Vercel playing a big part in the implementation of RSC and may be the ones who made that mistakes. Is it possible? Yes. Are there and sources for that take? None I could find.
tom1337 8 hours ago They are probably referring to Vercel playing a big part in the implementation of RSC and may be the ones who made that mistakes. Is it possible? Yes. Are there and sources for that take? None I could find.
This looks to be the same as the React RCE (https://news.ycombinator.com/item?id=46136026) but presumably it was NextJS's fault all along.
If anything, it’s exactly the opposite
> but presumably it was NextJS's fault all along.
So lazy, why are you presuming so? You just had to get to the second paragraph of the article to avoid spewing FUD...
> This vulnerability originates in the upstream React implementation (CVE-2025-55182
They are probably referring to Vercel playing a big part in the implementation of RSC and may be the ones who made that mistakes. Is it possible? Yes. Are there and sources for that take? None I could find.
Discussion: https://news.ycombinator.com/item?id=46136026