Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000258

sonatype-2026-000258

next and react-server components - Deserialization of Untrusted Data

Published Jan 29, 2026

https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg https://github.com/advisories/GHSA-h25m-26qc-wcjf

CVSS ScoreHigh

7.5

Ecosystem	Package	Version


npm	@ez-digital/button	1.0.4
npm	@ez-digital/button	1.0.5
npm	@ez-digital/button	1.0.6
npm	@ez-digital/button	1.0.8
npm	@iqbalkbl/iqbalkabol37	0.1.0
npm	anjirunwkwkw	1.0.1
npm	next	13.0.0
npm	next	13.0.1-canary.0
npm	next	13.0.1-canary.1
npm	next	13.0.1-canary.2
npm	next	13.0.1-canary.3
npm	next	13.0.1-canary.4
npm	next	13.0.1
npm	next	13.0.2-canary.0
npm	next	13.0.2-canary.2
npm	next	13.0.2-canary.3
npm	next	13.0.2
npm	next	13.0.3-canary.0
npm	next	13.0.3-canary.1
npm	next	13.0.3-canary.2
npm	next	13.0.3-canary.3
npm	next	13.0.3-canary.4
npm	next	13.0.3
npm	next	13.0.4-canary.1
npm	next	13.0.4-canary.2
npm	next	13.0.4-canary.3
npm	next	13.0.4-canary.4
npm	next	13.0.4-canary.5
npm	next	13.0.4
npm	next	13.0.5-canary.0
npm	next	13.0.5-canary.1
npm	next	13.0.5-canary.2
npm	next	13.0.5-canary.3
npm	next	13.0.5-canary.4
npm	next	13.0.5-canary.5
npm	next	13.0.5-canary.6
npm	next	13.0.5-canary.7
npm	next	13.0.5
npm	next	13.0.6-canary.0
npm	next	13.0.6-canary.1
npm	next	13.0.6-canary.2
npm	next	13.0.6-canary.3
npm	next	13.0.6-canary.4
npm	next	13.0.6
npm	next	13.0.7-canary.0
npm	next	13.0.7-canary.1
npm	next	13.0.7-canary.3
npm	next	13.0.7-canary.4
npm	next	13.0.7-canary.5
npm	next	13.0.7-canary.6

sonatype-2026-000258 | Components Impacted | Sonatype Guide | Sonatype Guide