[React2Shell] How to mitigate in React Native #54772

@DigitalZebra

Description

A security vulnerability with React was disclosed (https://nvd.nist.gov/vuln/detail/CVE-2025-55182). While trying to upgrade a RN 0.81.5 old arch app to React version 19.1.2, an error is thrown from ReactNativeRenderer.
For 0.81.5, ReactNativeRenderer is expecting React version 19.1.0.

While React Native apps are not susceptible to the vulnerability, many apps live in monorepos with NextJS (or other RSC powered apps).

I'm wondering if there's a recommendation on how best to proceed? Would it be possible to release patch versions of React Native that increment the supported/expected React version?

Thank you!

Steps to reproduce

  1. npx @react-native-community/cli init --version 0.81.5
  2. Turn off new arch (i.e. :new_arch_enabled => false in Podfile)
  3. Update React version in generated app's package.json to 19.1.2
  4. npm run start
  5. npm run ios
  6. see errors:
console.js:661 Error: Incompatible React versions: The "react" and "react-native-renderer" packages must have the exact same version. Instead got:
  - react:                  19.1.2
  - react-native-renderer:  19.1.0

React Native Version

0.81.5, 0.82.1

Affected Platforms

Runtime - iOS, Runtime - Android

Output of npx @react-native-community/cli info

N/A

Stacktrace or Logs

console.js:661 Error: Incompatible React versions: The "react" and "react-native-renderer" packages must have the exact same version. Instead got:
  - react:                  19.1.2
  - react-native-renderer:  19.1.0
Learn more: https://react.dev/warnings/version-mismatch
    at anonymous (ReactNativeRenderer-dev.js:16872:18)
    at anonymous (ReactNativeRenderer-dev.js:17081:4)
    at loadModuleImplementation (require.js:285:12)
    at guardedLoadModule (require.js:190:36)
    at metroRequire (require.js:98:24)
    at anonymous (ReactNative.js:19:24)
    at loadModuleImplementation (require.js:285:12)
    at guardedLoadModule (require.js:183:45)
    at metroRequire (require.js:98:24)
    at renderElement (RendererImplementation.js:49:12)
    at renderApplication (renderApplication.js:102:25)
    at anonymous (AppRegistryImpl.js:89:22)
    at runApplication (AppRegistryImpl.js:178:20)
    at apply (native)
    at __callFunction (MessageQueue.js:435:34)
    at anonymous (MessageQueue.js:114:26)
    at __guard (MessageQueue.js:369:11)
    at callFunctionReturnFlushedQueue (MessageQueue.js:113:17)
anonymous @ console.js:661
overrideMethod @ backend.js:17416
reactConsoleErrorHandler @ ExceptionsManager.js:184
anonymous @ setUpDeveloperTools.js:42
reportException @ ExceptionsManager.js:108
handleException @ ExceptionsManager.js:173
handleError @ setUpErrorHandling.js:25
reportFatalError @ error-guard.js:49
guardedLoadModule @ require.js:185
metroRequire @ require.js:98
renderElement @ RendererImplementation.js:49
renderApplication @ renderApplication.js:102
anonymous @ AppRegistryImpl.js:89
runApplication @ AppRegistryImpl.js:178
__callFunction @ MessageQueue.js:435
anonymous @ MessageQueue.js:114
__guard @ MessageQueue.js:369
callFunctionReturnFlushedQueue @ MessageQueue.js:113
console.js:661 TypeError: Cannot read property 'default' of undefined
    at renderElement (RendererImplementation.js:49:45)
    at renderApplication (renderApplication.js:102:25)
    at anonymous (AppRegistryImpl.js:89:22)
    at runApplication (AppRegistryImpl.js:178:20)
    at apply (native)
    at __callFunction (MessageQueue.js:435:34)
    at anonymous (MessageQueue.js:114:26)
    at __guard (MessageQueue.js:369:11)
    at callFunctionReturnFlushedQueue (MessageQueue.js:113:17)
anonymous @ console.js:661
overrideMethod @ backend.js:17416
reactConsoleErrorHandler @ ExceptionsManager.js:184
anonymous @ setUpDeveloperTools.js:42
reportException @ ExceptionsManager.js:108
handleException @ ExceptionsManager.js:173
handleError @ setUpErrorHandling.js:25
reportFatalError @ error-guard.js:49
__guard @ MessageQueue.js:371
callFunctionReturnFlushedQueue @ MessageQueue.js:113

MANDATORY Reproducer

N/A

Screenshots and Videos

Image
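
The following is an added example, not part of the original issue and not code from the React Native project. It audits the workspace manifests of a mixed Next.js / React Native monorepo for the two conditions the issue describes: a React Native workspace whose `react` differs from the renderer's version, and an RSC workspace still below 19.1.2. The `RSC_MARKERS` list, the status strings, the sample manifests and the use of 19.1.2 as the fix target are assumptions.

```javascript
// RENDERER_REACT is taken from the error in the issue (RN 0.81.5 ships renderer 19.1.0).
// PATCHED_REACT is the version the issue upgrades to; using it as the fix target is an assumption.
const RENDERER_REACT = { "0.81.5": "19.1.0" };
const PATCHED_REACT = "19.1.2";
// Assumed markers of a workspace that runs React Server Components.
const RSC_MARKERS = ["next", "react-server-dom-webpack",
                     "react-server-dom-parcel", "react-server-dom-turbopack"];

// Parse an exact "x.y.z" version; ranges such as "^19.1.0" return null.
function parseExact(spec) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(spec || "");
  return m ? m.slice(1).map(Number) : null;
}

function lessThan(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i];
  return false;
}

function auditWorkspace(ws) {
  const deps = { ...ws.devDependencies, ...ws.dependencies };
  if (deps["react-native"]) {
    const expected = RENDERER_REACT[deps["react-native"]];
    if (!expected) return "unknown-renderer"; // add this RN release to RENDERER_REACT
    // The renderer demands the exact same version, so a range is a finding too.
    return deps.react === expected ? "rn-pinned" : "renderer-mismatch";
  }
  if (!RSC_MARKERS.some((name) => name in deps)) return "no-rsc";
  const react = parseExact(deps.react);
  if (!react) return "unpinned"; // a range cannot be judged from the manifest alone
  return lessThan(react, parseExact(PATCHED_REACT)) ? "needs-upgrade" : "patched";
}

function auditAll(list) {
  return Object.fromEntries(list.map((ws) => [ws.name, auditWorkspace(ws)]));
}

// Constructed sample manifests (not from the issue).
const sampleWorkspaces = [
  { name: "web", dependencies: { next: "15.0.0", react: "19.1.0" } },
  { name: "mobile", dependencies: { "react-native": "0.81.5", react: "19.1.2" } },
  { name: "mobile-ok", dependencies: { "react-native": "0.81.5", react: "19.1.0" } },
  { name: "docs", dependencies: { next: "15.0.0", react: "^19.1.0" } },
];

console.log(auditAll(sampleWorkspaces));
```

A `renderer-mismatch` result corresponds to the "Incompatible React versions" error shown in the logs above.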
