Imperva Cyber Community

Hello, any news on the cover for the new React vulnerability that came up this evening? Or was it already covered by the patching from last week?

Thanks

#AllImperva
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Emanuele Bajni
Security Delivery Associate
Accenture Financial Advanced Solutions & Technology S.R.L
Padova
------------------------------

Hi Emanuele,
I see there has been no response on here so I wanted to check to see if you saw this blog posted a couple of days ago:

Manual Mitigation for CVE-2025-55182: React2Shell

I also wanted to share an update from our Threat Research team, posted yesterday:

The Threat Research Team is actively monitoring this vulnerability. (CVE-2025-55184)
We have deployed a rule on the Cloud WAF based on a publicly shared PoC, but we have not observed any exploitation happening in the wild.This suggests that either the PoC is inaccurate or no one is attempting to exploit this vulnerability.The more probable explanation is that the PoC is not reliable.Therefore, we plan to wait for a more accurate PoC to be released before deciding on our next steps.

I hope this helps!

------------------------------
Sarah Lamont
Digital Community Manager
------------------------------

Original Message:
Sent: 12-12-2025 04:05
From: Emanuele Bajni
Subject: CVE-2025-55184 new react vulnerability

Hello, any news on the cover for the new React vulnerability that came up this evening? Or was it already covered by the patching from last week?

Thanks

#AllImperva
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Emanuele Bajni
Security Delivery Associate
Accenture Financial Advanced Solutions & Technology S.R.L
Padova
------------------------------