React Server Component Security Update Advisory (CVE-2026-23864)
Security Advisory

React Server Component Security Update Advisory (CVE-2026-23864)

Overview   We have released a security update to address a vulnerability in React Server Component (RSC). Users of affected products are advised to update to the latest version.    Affected Products   CVE-2026-23864   React-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack Versions: 19.0.0 and above 19.0.4 and below 19.0.4react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack Versions: 19.1.0

  • Jan 29 2026