Catalyst version 1.3.6 Release Notes

Catalyst v1.3.6 release addresses a security vulnerability (CVE-2025-55184, CVE-2025-55183 ) that affects React Server Components.

Key Changes

Next.js 15.5.8: Upgraded from Next.js 15.5.7 to 15.5.8
React 19: Upgraded to React 19.1.3 and React DOM 19.1.3

Migration Guide

Update Dependencies

Update dependencies in your package.json:


{
	"dependencies": {
		"next": "15.5.8",
		"react": "19.1.3",
		"react-dom": "19.1.3"
	},
	"devDependencies": {
		"@next/bundle-analyzer": "15.5.8",
		"eslint-config-next": "15.5.8"
	}
}

Run `pnpm install`


pnpm install

Note: next will automatically update your tsconfig.json file.

Release Tags

We have published new tags for the Core and Makeswift versions of Catalyst. Target these tags to pull the latest code:

And as always, you can pull the latest stable release with these tags:

Did you find what you were looking for?