Facebook React Devtools
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Facebook React Devtools.
By the Year
In 2025 there have been 0 vulnerabilities in Facebook React Devtools. React Devtools did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 1 | 6.50 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new React Devtools vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Facebook React Devtools Security Vulnerabilities
The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script
CVE-2023-5654
6.5 - Medium
- October 19, 2023
The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch(). The URL is not validated or sanitised before it is fetched, thus allowing a malicious web page to arbitrarily fetch URLs via the victim's browser.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Facebook React Devtools or by Facebook? Click the Watch button to subscribe.