---
title: Added virtual patch for CVE-2025-55183 (React Leaking Server Functions)
summary: null
url: >-
  https://www.fastly.com/documentation/reference/changes/2025/12/added-virtual-patch-for-cve-2025-55183
---

A Leak of Server Functions has been found in React and has been assigned CVE-2025-55183. Fastly has created a virtual patch and it is now enabled by default with immediate blocking for all Next-Gen WAF customers. To deactivate it and remove this protection from your services, follow the steps for your control panel below.

## Next-Gen WAF control panel

### Professional or Premier platform

1.   Log in to the [Next-Gen WAF control panel](https://dashboard.signalsciences.net).

2.   From the **Sites** menu, select a site if you have more than one site.

3. From the **Rules** menu, select **Templated Rules**.
4. In the search bar, enter `CVE-2025-55183` and then click **View** for the CVE-2025-55183 templated rule.
5. Click **Configure** and then deselect the “Enabled” box under the "Configure thresholds and actions” section.
6. Click **Update rule**.

### Essential platform

1.   Log in to the [Next-Gen WAF control panel](https://dashboard.signalsciences.net).

2.   From the **Sites** menu, select a site if you have more than one site.

3. Click the **Signals** tab.
4. In the search bar, enter `CVE-2025-55183` and then click **View** for the CVE-2025-55183 tag.
5. Click the **Detections** tab and then click the Enabled detection for `CVE-2025-55183`.
6. Click **Remove detection**
7. Click **Delete detection**.
8. Click the **Alerts** tab and then click the Enabled detection for `CVE-2025-55183`.
9. Click **Remove alert**
10. Click **Delete**.

## Fastly control panel

1.   Log in to the [Fastly control panel](https://manage.fastly.com).

2.   Go to **Security** > **Next-Gen WAF** > [**Workspaces**](https://manage.fastly.com/security/ngwaf/workspaces).

3. Click **Virtual Patches**.
4. In the search bar, enter `CVE-2025-55183` and then click the pencil to the right of the CVE-2025-55183 virtual patch.
5. From the **Status** menu, select **Disabled**.
6. Click **Update virtual patch**.