React has disclosed a critical vulnerability (CVE-2025-55182) affecting React Server Components.
Dify SaaS is not affected, and we have upgraded React to the patched version 19.2.1 to ensure continued security.
Self-hosted users are encouraged to update to the latest release.
All services are operating normally, and we will continue to monitor the situation.
Update:
Advisory: