Issue Station
Sign In
Tools hereToolbox

nextjs - 💡(How to fix) Fix Bug: React DevTools shows different versions (Stable vs. Canary) for Page/App Router in Next.js, potentially indicating an unpatched security risk (19.2.0-canary vs 19.2.1) [1 comments, 2 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
vercel/next.js#86926Fetched 2026-04-08 02:08:23
View on GitHub
Comments
1
Participants
2
Timeline
6
Reactions
0
Author
0102655129001026551290
Participants
0102655129001026551290github-actions[bot]github-actions[bot]
Timeline (top)
labeled ×2closed ×1commented ×1issue_type_added ×1

Fix Action

Fix / Workaround

Furthermore, since version 19.2.0 (or its corresponding Canary build) is known to potentially have security vulnerabilities that were patched in 19.2.1, it is crucial that the App Router's internal RSC runtime dependencies are updated to reflect the 19.2.1 patch level.

Code Example

React version: react 19.1.2 / next 15.3.6
RAW_BUFFERClick to expand / collapse

Link to the code that reproduces this issue

//

To Reproduce

  1. Set up a Next.js project with both App Router and Page Router enabled.
  2. Set react and react-dom versions to 19.1.2 in package.json and run pnpm install
  3. Create a page based on the Page Router
  4. Create a page based on the App Router
  5. Open React DevTools.

Current vs. Expected behavior

<!-- Please provide a clear and concise description of what the bug is. Include screenshots if needed. Please test using the latest version of the relevant React packages to make sure your issue has not already been fixed. -->

React version: react 19.1.2 / next 15.3.6

Steps To Reproduce

  1. Set up a Next.js project with both App Router and Page Router enabled.
  2. Set react and react-dom versions to 19.1.2 in package.json and run pnpm install
  3. Create a page based on the Page Router
  4. Create a page based on the App Router
  5. Open React DevTools.
<!-- Your bug will get fixed much faster if we can run your code and it doesn't have dependencies other than React. Issues without reproduction steps or code examples may be immediately closed as not actionable. -->

Link to code example:

<!-- Please provide a CodeSandbox (https://codesandbox.io/s/new), a link to a repository on GitHub, or provide a minimal code example that reproduces the problem. You may provide a screenshot of the application if you think it is relevant to your bug report. Here are some tips for providing a minimal example: https://stackoverflow.com/help/mcve. -->

The current behavior

React DevTools displays 19.2.0-canary on App Router pages.

The expected behavior

React DevTools should display 19.1.2 on App Router pages, consistent with the Page Router and the stable React version specified in the project's package.json.

Furthermore, since version 19.2.0 (or its corresponding Canary build) is known to potentially have security vulnerabilities that were patched in 19.2.1, it is crucial that the App Router's internal RSC runtime dependencies are updated to reflect the 19.2.1 patch level.

<img width="3432" height="1409" alt="Image" src="https://github.com/user-attachments/assets/792dbffa-6efe-403d-a930-2c4dc5379b5f" /> <img width="3427" height="1407" alt="Image" src="https://github.com/user-attachments/assets/287d031d-c5e9-4fe7-b193-8b126e0f9844" />

Provide environment information

React version: react 19.1.2 / next 15.3.6

Which area(s) are affected? (Select all that apply)

React

Which stage(s) are affected? (Select all that apply)

Other (Deployed)

Additional context

No response

extent analysis

TL;DR

Update the internal RSC runtime dependencies of the App Router to reflect the 19.2.1 patch level to ensure consistency with the stable React version and mitigate potential security vulnerabilities.

Guidance

  • Verify that the react and react-dom versions in package.json are set to 19.1.2 and run pnpm install to ensure the correct versions are installed.
  • Check the App Router's internal dependencies to see if they are using the 19.2.0-canary version and update them to 19.2.1 if possible.
  • Consider upgrading to a newer version of Next.js that may include the updated App Router dependencies.
  • Test the application with React DevTools to confirm that the correct React version is displayed for App Router pages.

Notes

The issue seems to be related to the App Router's internal dependencies using a different React version than the rest of the application. Updating these dependencies to 19.2.1 should resolve the issue and ensure consistency with the stable React version.

Recommendation

Apply workaround: Update the internal RSC runtime dependencies of the App Router to reflect the 19.2.1 patch level. This should mitigate potential security vulnerabilities and ensure consistency with the stable React version.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#api#ssr#memory leak#API versioning#request timeout

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING