Home / Security updates / Orca Unaffected by React2Shell - React Server RCE Vulnerability
Orca Unaffected by React2Shell - React Server RCE Vulnerability
Security updates detail rendered from /security-updates/upd_7927af4750b4c2f3.
Overview
| ID | upd_7927af4750b4c2f3 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Orca Security |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_7927af4750b4c2f3 |
| providerId | safebase |
| organizationId | org_cf1d9d80753d6271 |
| trustCenterId | tc_1e9f331a47b52f04 |
| title | Orca Unaffected by React2Shell - React Server RCE Vulnerability |
| message | We are aware of the recently disclosed vulnerability CVE-2025-55182 — widely known as “React2Shell” — which affects certain versions of React Server Components (RSC) and frameworks built on top of it (e.g. Next.js). After a full review of our development and production environments, our dependency inventory, and build pipelines, we confirm that none of our services or infrastructure rely on the vulnerable React/Next.js versions or affected packages. As a result, there are no indicators of vulnerability, exploitation, or exposure related to CVE-2025-55182 in our environment. We maintain continuous monitoring of public disclosures, open-source dependencies, and supply-chain risks. We also enforce strict software-dependency and version management policies. As the situation evolves, we remain ready to respond, and will update this page should our assessment change. For further questions or concerns, please reach out to [email protected]. |
| url | - |
| publishedAt | 2025-12-07 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_cf1d9d80753d6271",
"name": "Orca Security",
"domains": [
"trustcenter.orca.security",
"orca.security"
]
} |
| trust_center | {
"id": "tc_1e9f331a47b52f04",
"name": "Orca Security",
"url": "https://trustcenter.orca.security",
"host": "trustcenter.orca.security"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_7927af4750b4c2f3",
"company": "/v1/companies/org_cf1d9d80753d6271",
"trust_center": "/v1/trust-centers/tc_1e9f331a47b52f04",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_7927af4750b4c2f3JSON