Statement on CVE 2025-55182 React2Shell Vulnerability

December 03, 2025

Information

The React2Shell Vulnerability is a pre-authentication remote code execution vulnerability that exists in React Server Components.

For additional information, please refer to: NIST | CVE-2025-55182.

Risk

Not Applicable

Response

Melissa Data Corporation (“Melissa”) was not impacted by the React2Shell vulnerability. Melissa has performed a thorough investigation of both in-house built APIs, web interfaces, and vendor supplied solutions. Melissa has taken the necessary steps to update any affected versions to fixed versions and confirm no impacted IOC’s were present Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.