CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) Impact
❌Unsolved❓Question
Hi!
I'd like to know if Zitadel and Next.js versions required by Zitadel are impacted by CVE-2025-55182 (React) and CVE-2025-66478 (Next.js)
One of our devs told that we are bound to vulnerable Next.js version because this version is a Zitadel's requirement. At first glance that is true, so just want to double check and probably get any info on if it is possible to update to a patched Next.js version.
Thanks.
I'd like to know if Zitadel and Next.js versions required by Zitadel are impacted by CVE-2025-55182 (React) and CVE-2025-66478 (Next.js)
One of our devs told that we are bound to vulnerable Next.js version because this version is a Zitadel's requirement. At first glance that is true, so just want to double check and probably get any info on if it is possible to update to a patched Next.js version.
Thanks.
