1 min read Dec 8, 2025 Vercel Agent now detects vulnerable packages in your project, and automatically generates pull requests with fixes to upgrade them to patched versions . React2Shell: Auto-fix vulnerable projects here Vercel Agent detects vulnerable packages in your project, and automatically generates pull requests with verified fixes to upgrade them to patched versions. Auto-fix React2Shell now Powered by Vercel's self-driving infrastructure , these auto-fix upgrades are available at no cost and help teams stay secure with minimal manual effort. Automatic detection of vulnerable React, Next.js, and related RSC packages Automatic PR creation Full execution and verification of updates inside isolated Sandbox environments Preview links generated with PR, to manually validate updates About React2Shell React2Shell (CVE-2025-55182) is a critical remote code execution vulnerability in React Server Components that affects React 19 and frameworks that use it like Next.js.…