From 1220fca79fb675a72ec781d63f626d4b12aac183 Mon Sep 17 00:00:00 2001 From: Vercel Date: Thu, 11 Dec 2025 07:04:59 +0000 Subject: [PATCH] Update Next.js/React Flight packages for RCE fix Updated dependencies to fix Next.js CVE vulnerabilities. The fix-react2shell-next tool automatically updated the following packages to their secure versions: - next - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory. Co-authored-by: Vercel --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 6d8a038..bb0e5fc 100644 --- a/package.json +++ b/package.json @@ -71,7 +71,7 @@ "gray-matter": "^4.0.3", "js-cookie": "^3.0.5", "lucide-react": "^0.468.0", - "next": "15.3.0", + "next": "15.3.6", "next-intl": "^4.0.2", "next-mdx-remote-client": "^2.1.1", "next-themes": "^0.4.6", @@ -112,4 +112,4 @@ "typescript": "^5" }, "packageManager": "pnpm@10.13.1+sha512.37ebf1a5c7a30d5fabe0c5df44ee8da4c965ca0c5af3dbab28c3a1681b70a256218d05c81c9c0dcf767ef6b8551eb5b960042b9ed4300c59242336377e01cfad" -} \ No newline at end of file +}