Vercel Agent now detects vulnerable packages in your project, and automatically generates pull requests with fixes to upgrade them to .patched versions Powered by Vercel's , these auto-fix upgrades are available at no cost and help teams stay secure with minimal manual effort.self-driving infrastructure is a critical remote code execution vulnerability in React Server Components that affects React 19 and frameworks that use it like Next.js. Specially crafted requests can trigger unintended code execution if your application is running a vulnerable version.

Immediate upgrades are required for all projects using affected React and Next.js releases.About React2ShellReact2Shell (CVE-2025-55182) Get the or view the .latest updates on React2Shellnew dashboard here Read more Automatic detection of vulnerable React, Next.js, and related RSC packages Automatic PR creation Full execution and verification of updates inside isolated Sandbox environments Preview links generated with PR, to manually validate updates