Home / Security updates / CVE-2025-55182 React Vulnerability - Response
CVE-2025-55182 React Vulnerability - Response
Security updates detail rendered from /security-updates/upd_33cf25bd07b87f4c.
Overview
| ID | upd_33cf25bd07b87f4c |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | monday.com |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_33cf25bd07b87f4c |
| providerId | safebase |
| organizationId | org_474c12ff15072688 |
| trustCenterId | tc_41a964a6e38db8f3 |
| title | CVE-2025-55182 React Vulnerability - Response |
| message | monday.com can confirm that we are unaffected by React2 critical vulnerability CVE-2025-55182. We have reviewed our software repositories to confirm we have no usage of this vulnerable react server side package in our code (react or next.js). We also confirmed with our service providers. In addition, we tested our public endpoints using dedicated detection scripts, which verified that the platform is not exploitable. As a precautionary measure, we have upgraded react packages in the platform to the latest version and deployed a WAF rule to block any potential exploit attempts. |
| url | - |
| publishedAt | 2025-12-15 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_474c12ff15072688",
"name": "monday.com",
"domains": [
"trust.monday.com",
"monday.com"
]
} |
| trust_center | {
"id": "tc_41a964a6e38db8f3",
"name": "monday.com",
"url": "https://trust.monday.com",
"host": "trust.monday.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_33cf25bd07b87f4c",
"company": "/v1/companies/org_474c12ff15072688",
"trust_center": "/v1/trust-centers/tc_41a964a6e38db8f3",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_33cf25bd07b87f4cJSON