CVE-2025-55182 (React2Shell) and Redgate's products

8th December 2025

This page details the results of Redgate's investigation into the impact of the recent vulnerability in React Server Components, CVE-2025-55182.

Redgate's products

None of Redgate's products use the affected React Server Components "Flight" protocol. You do not need to upgrade any of Redgate's products to mitigate this vulnerability.

Redgate's business systems

Redgate conducted an assessment of its business systems on 4th December 2025.

A small number of our systems were found to be potentially vulnerable; we undertook remediation of these systems the same day.

We found no evidence of malicious activity prior to remediation, and no customer action is required.

Security and compliance

Database monitoring and observability

Database change management

Productivity and workflow automation

AI data readiness

Database modernization

Efficiency and cost optimization

Cloud migration and workload optimization

Redgate Flyway

Redgate Monitor

SQL Toolbelt Essentials

Redgate Test Data Manager

CVE-2025-55182 (React2Shell) and Redgate's products

8th December 2025

Redgate's products

Redgate's business systems

2025 State of the Database Landscape

Introduction to PostgreSQL for the data professional