Home / Security updates / CVE-2025-55182 & CVE-2025-66478

CVE-2025-55182 & CVE-2025-66478

Security updates detail rendered from /security-updates/upd_741bfe541e1303b1.

Overview

Field	Value
id	upd_741bfe541e1303b1
providerId	safebase
organizationId	org_33d000fdc8a62017
trustCenterId	tc_7d7ee18589030c52
title	CVE-2025-55182 & CVE-2025-66478
message	UiPath has completed our initial investigation of the recent React.js/Next.js vulnerabilities: CVE-2025-55182 and CVE-2025-66478. At this time, no evidence has been found to indicate that UiPath products or UiPath Automation Cloud (including AC Dedicated and AC Public Sector) are affected by this vulnerability. Thank you. Note: In addition, [Cloudflare](https://blog.cloudflare.com/waf-rules-react-vulnerability/?mkt_tok=NzEzLVhTQy05MTgAAAGekEj_pe_luI2pOPmtb0GS2LQ27eQj_R5AoBddC-_GS8nEgn_quxtuhqx_B44dpbfv_FqzAlGjZnFFz_p7V2_V6YFWj7hgtQIcUU1iMcNinM3OmVYk9Awv/) for AC and [Akamai](https://www.akamai.com/blog/security-research/cve-2025-55182-react-nextjs-server-functions-deserialization-rce) for ACPS already have protections in place.
url	-
publishedAt	2025-12-08
source	{ "field": "statuspage/public/compliance-update", "category": "vulnerabilities" }
company	{ "id": "org_33d000fdc8a62017", "name": "UiPath", "domains": [ "trust.uipath.com", "uipath.com" ] }
trust_center	{ "id": "tc_7d7ee18589030c52", "name": "UiPath", "url": "https://trust.uipath.com", "host": "trust.uipath.com" }
provider	{ "id": "safebase", "name": "SafeBase" }
links	{ "self": "/v1/security-updates/upd_741bfe541e1303b1", "company": "/v1/companies/org_33d000fdc8a62017", "trust_center": "/v1/trust-centers/tc_7d7ee18589030c52", "provider": "/v1/providers/safebase" }

Get this page with API

Rendered from the bluedoor Trust Centers API. Reproduce it:

GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_741bfe541e1303b1JSON