Previous incidents
Security Update – MongoBleed Patch Applied (SaaS) / Action Required (On-Prem)
Resolved Dec 31 at 09:56am CET
We’re writing to share an important security update regarding the MongoBleed vulnerability.
- SaaS customers: Our MongoDB clusters have been patched and are protected as of the time the vendor patch became available for SaaS deployments. No action is required on your side.
- On-premise customers: Please upgrade to the vendor’s patched MongoDB version as soon as possible to ensure you’re protected.
If you have any questions, please contact our support team.
[React2Shell] Critical Security Vulnerability in React Server Components
Resolved Dec 08 at 02:07pm CET
On December 3, 2025, React published a security advisory regarding vulnerability CVE-2025-55182 affecting React Server Components, which allows an unauthenticated attacker to cause remote arbitrary code execution.
Please note that Horizon and Stream software are not affected by this vulnerability, as EverTrust's solutions (Horizon & Stream) are not powered up neither React nor Next.js.