F5 provides enhanced protections against React vulnerability (CVE-2025-55182)

F5 ADSP | December 04, 2025

A new security vulnerability in React, identified as CVE-2025-55182 and carrying a CVSS score of 10.0, may expose applications that use this popular JavaScript library to cyberattacks via remote code execution (RCE).

Developers and organizations using React in their applications should immediately evaluate their systems, as exploitation of this vulnerability could lead to compromise of affected systems.

Affected versions

The CVE is known to affect the following versions of React:

  • 19.0.0, 19.1.0, 19.1.1, and 19.2.0

Any system or application that relies on these versions of React is considered vulnerable and should be upgraded immediately. More information is available on the React team’s public notification page.

Enhanced protections with F5

Beyond upgrading to secure versions of React, F5 customers can use the enhanced Web Application Firewall (WAF) signatures that have been released to detect and block exploitation attempts of CVE-2025-55182. These signatures provide an additional layer of defense against known attack vectors targeting React applications.

F5 BIG-IP Advanced WAF / ASM, F5 WAF for NGINX, and F5 NGINX App Protect WAF signatures

If you use the F5 BIG-IP Advanced WAF or F5 BIG-IP Application Security Manager (ASM) module, F5 WAF for NGINX, or F5 NGINX App Protect WAF to protect your backend pool members, you can mitigate this vulnerability for those pool members by enabling the following attack signature in blocking mode:

  • React Server Components RCE, ID 200204048

This attack signature is part of the newly released attack signature update ASM-AttackSignatures_20251204_021602.im; you must perform a signature file update to ASM-AttackSignatures_20251204_021602.im or later for this signature to be available on your system.

F5 Distributed Cloud WAF signature

A new signature, React Server Components RCE, ID 200204048, has been released to all Regional Edges (RE) on Distributed Cloud. To use this protection, ensure your Distributed Cloud WAF policies have High Accuracy signatures enabled in blocking mode.

Keeping your F5 protections up to date is critical

Attackers are actively looking to exploit this CVE, and F5 is monitoring the situation closely for any novel exploits not covered by known vectors. Keeping your F5 protections up to date is critical to stay ahead of attackers. New signatures and updates may be released if necessary to continue to protect against these evolving threats. For more information on signature updates, follow the guidance provided in F5 Knowledge Base Article K000158058 and the F5 Cloud Documentation on Attack Signatures.


About the Author

Chris Malladi Principal Product Manager, F5 Distributed Cloud WAF
