Impact React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the "_rsc" cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL. Fix We strengthened the "_rsc" cache-busting mechanism to make practical collisions significantly harder and to better separate response variants that should not share cache entries. Workarounds If you cannot upgrade immediately, ensure intermediary caches correctly honor "Vary" for RSC-related request headers, or disable shared caching for affected RSC responses until you can deploy a patched release.