addons icon indicating copy to clipboard operation
addons copied to clipboard
verified publisher icon home-assistant

Is NGINX Proxy Manager affected by CVE-2025-66478 or CVE-2025-55182 ?

Open apateluk opened this issue 4 months ago • 1 comments

Describe the issue you are experiencing

Hi, Is the NGINX Proxy Manager affected by the NextJS CVE-2025-66478 or React CVE-2025-55182

https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components https://nextjs.org/blog/CVE-2025-66478

Sorry if this is the wrong place to post this but the CVEs are pretty serious and some reassurance would be great.

What type of installation are you running?

Home Assistant OS

Which operating system are you running on?

Home Assistant Operating System

Which add-on are you reporting an issue with?

NGINX Home Assistant SSL proxy

What is the version of the add-on?

2.1.0

Steps to reproduce the issue

Install NGINX Proxy Manager Add-on

System Health information

n/a

Anything in the Supervisor logs that might be useful for us?

Anything in the add-on logs that might be useful for us?

Additional information

No response

apateluk avatar Dec 09 '25 21:12 apateluk

Nginx isn't using React Server as far as I know. Why or how would Nginx be affected by those CVEs?

MartinHjelmare avatar Dec 09 '25 22:12 MartinHjelmare