We are aware of the recently published critical vulnerabilities CVE-2025-55182 and CVE-2025-66478, which affect a broad range of websites and applications built with React or Next.js.
Our security partner has completed an automated scan of our environment, and the vulnerabilities were not detected in Yembo's infrastructure. Yembo has not been flagged as impacted by these CVEs.
We will continue to monitor upstream advisories and vendor guidance as more information becomes available. No customer-facing components are affected, and no action is required at this time.