PhenixH

Hi, Thank you for your answer. I tested this fix but it's not working yet, the issue is that the Flag [RDWR ](https://github.com/angr/simuvex/blob/master/simuvex/plugins/posix.py#L421)does not allow the creation of a file...

Hi, Is there any updates concerning this request ?

I see that the 4.7.1 was released yesterday. But the patch is not full : the 4.7.1 upgrade only the nextJs version, but the CVE impact React too (need be...

Another CVE - https://vercel.com/kb/bulletin/security-bulletin-cve-2025-55184-and-cve-2025-55183 Next need to be update Again to 15.5.9 ... @peintnermax do we close this PR ?

hey @rajatcing https://github.com/zitadel/zitadel/pull/11048 doesn't seem to update Nextjs to the proper version to avoid the specified very high and exploited CVE.

> [4.7.1](https://github.com/zitadel/zitadel/releases/tag/v4.7.1) uses nextjs 15.5.7 ([package.json](https://github.com/zitadel/zitadel/blob/v4.7.1/apps/login/package.json#L39) – introduced [here](https://github.com/zitadel/zitadel/commit/4c879b47334e01d4fcab921ac1b44eda39acdb96#diff-5ee7638e54e43914f47e5de4eb5c2abf0d68d5879f542ea648c71c688825063cR39)) which has the patch ([see react update instructions](https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components#update-next-js)). > > As I understand it this is all that is needed? Or...

Another patch needed : https://vercel.com/kb/bulletin/security-bulletin-cve-2025-55184-and-cve-2025-55183 -> Upgrade to Next 15.5.9 EDIT: In progress : https://github.com/zitadel/zitadel/pull/11179