From 42c2ced521641de642668cf4bd9a0348744e82ed Mon Sep 17 00:00:00 2001
From: Alex Hawley <alex.hawley@vercel.com>
Date: Fri, 12 Dec 2025 19:35:09 +0000
Subject: [PATCH] fix: Fix React Server Components CVE vulnerabilities

Updated dependencies to fix Next.js and React CVE vulnerabilities.

The fix-react2shell-next tool automatically updated the following packages to their secure versions:
- next
- react-server-dom-webpack
- react-server-dom-parcel
- react-server-dom-turbopack

All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 40062c2..328662c 100644
--- a/package.json
+++ b/package.json
@@ -21,7 +21,7 @@
     "@uniformdev/next-server": "7.3.251119-1",
     "@uniformdev/publishing-all": "7.3.251119-1",
     "dotenv": "^8.2.0",
-    "next": "15.5.6",
+    "next": "15.5.9",
     "react": "^19.1.0",
     "react-dom": "^19.1.0",
     "replace-in-file": "^6.2.0"