Tag

React

2 briefs RSS

@vitejs/plugin-rsc Denial-of-Service Vulnerability in React Server Components

@vitejs/plugin-rsc is vulnerable to a denial-of-service attack due to an embedded vulnerable version of react-server-dom-webpack, potentially causing resource exhaustion.

@vitejs/plugin-rsc +1 denial-of-service react vite

2r 1t 1c May 11, 2026

high advisory

React Server Components Denial of Service Vulnerability (CVE-2026-23869)

2 rules 1 TTP 1 CVE

A denial of service vulnerability, CVE-2026-23869, exists in React Server Components due to excessive CPU usage triggered by specially crafted HTTP requests to Server Function endpoints, potentially leading to service disruption.

CVE-2026-23869 denial-of-service react

2r 1t 1c Apr 8, 2026