Workiva has reviewed our usage of React and Next.JS and determined that our usage is not vulnerable to the attacks described in CVE-2025-55182 and the related CVE-2025-66478.
We will continue to monitor the situation for any new developments. If any future impact is identified, we will notify impacted customers as quickly as possible.