From 1da072ea146fd04cf8988fb92dc662594b6b2735 Mon Sep 17 00:00:00 2001 From: Vercel Date: Sun, 19 Apr 2026 18:39:00 +0000 Subject: [PATCH] Fix React Server Components CVE vulnerabilities Updated dependencies to fix Next.js and React CVE vulnerabilities. The fix-react2shell-next tool automatically updated the following packages to their secure versions: - next - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory. Co-authored-by: Vercel --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index fab600e..b61700a 100644 --- a/package.json +++ b/package.json @@ -16,7 +16,7 @@ "autoprefixer": "10.4.13", "dotenv": "16.3.1", "find-config": "1.0.0", - "next": "14.2.4", + "next": "14.2.35", "rc-slider": "10.3.1", "react": "18.3.1", "react-dom": "18.3.1",