Home / Security updates / BeyondTrust Security Advisory: React and Next.js Vulnerability
BeyondTrust Security Advisory: React and Next.js Vulnerability
Security updates detail rendered from /security-updates/upd_feb62b4170ede1ab.
Overview
| ID | upd_feb62b4170ede1ab |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | BeyondTrust |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_feb62b4170ede1ab |
| providerId | safebase |
| organizationId | org_c43a0bafedaefd07 |
| trustCenterId | tc_c869bb357eb72740 |
| title | BeyondTrust Security Advisory: React and Next.js Vulnerability |
| message | In December 2025, BeyondTrust became aware of a critical vulnerability affecting React Server Components and frameworks such as Next.js, classified as CVE-2025-55182 (commonly referred to as “React2Shell”). This vulnerability could allow remote code execution under certain conditions. <br> Our team immediately initiated an investigation to assess any potential impact on BeyondTrust systems or data. Using our suite of security tools and audit capabilities, **we have found no evidence of compromise**. Additionally, we have applied all vendor-recommended patches within our environment and implemented enhanced monitoring.<br> We will continue to monitor the situation and provide updates as needed. For more information, refer to the official guidance from [React](https://react.dev) and [Nextjs](https://nextjs.org) , as well as any Cybersecurity & Infrastructure Security Agency (CISA) [Alerts & Advisories](https://www.cisa.gov/news-events/cybersecurity-advisories). |
| url | - |
| publishedAt | 2025-12-09 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "incidents"
} |
| company | {
"id": "org_c43a0bafedaefd07",
"name": "BeyondTrust",
"domains": [
"trustportal.beyondtrust.com",
"beyondtrust.com"
]
} |
| trust_center | {
"id": "tc_c869bb357eb72740",
"name": "BeyondTrust",
"url": "https://trustportal.beyondtrust.com",
"host": "trustportal.beyondtrust.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_feb62b4170ede1ab",
"company": "/v1/companies/org_c43a0bafedaefd07",
"trust_center": "/v1/trust-centers/tc_c869bb357eb72740",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_feb62b4170ede1abJSON