ChangelogSecurity Patch

Security Patch

December 12, 2025

On the 11th of December were disclosed two new vulnerabilities in React/NextJs applications. In our case this affected the newsrooms/themes and the website:

  • CVE-2025-55184 (CVSS 7.5)
  • CVE-2025-55183 (CVSS 5.3)

We got alerted on the 11th of December and upgraded our infrastructure as soon as possible. That includes updating Next.js, React and React DOM to the latest secure versions, addressing known vulnerabilities and tightening our supply-chain protections. As of 12th of December at 12:00 CET all Prezly-hosted sites had been patched.

So the themes and website are no longer vulnerable to the known identified issues. No action is required from users — everything is included in the update.

 

Back to changelog

Join 500+ PR teams already loving Prezly

Take the stress out of contact management and distribution with a dedicated outreach CRM that your whole team can use.

Start your free trial
Made with love from from 19 countriesManage Cookies
Made with