
fix(ui): patch React Server Components DoS vulnerability (GHSA-83fc-fqcc-2hmg)#9917

Merged
alejandrobailo merged 2 commits into master from fix/PROWLER-947-react-server-components-dos
Jan 29, 2026

Conversation

@alejandrobailo
Contributor

Context

Security patch to address DoS vulnerabilities in React Server Components (GHSA-83fc-fqcc-2hmg).

Description

  • Upgrade React and React DOM from 19.2.3 to 19.2.4 (patched version)
  • Upgrade Next.js from 16.1.3 to 16.1.6 (includes patched react-server-dom-* packages)
  • Update related Next.js packages: @next/third-parties, @next/eslint-plugin-next, eslint-config-next
  • Update pnpm overrides to use React 19.2.4 for peer dependencies

Steps to review

  1. Verify ui/package.json version changes match the security advisory requirements
  2. Run pnpm install && pnpm run typecheck to confirm no type errors
  3. Run pnpm run build to verify production build succeeds
  4. Confirm React 19.2.4 and Next.js 16.1.6 are installed: cat node_modules/react/package.json | grep version

Checklist

Community Checklist
  • This feature/issue is listed in here or roadmap.prowler.com
  • Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

SDK/CLI

  • Are there new checks included in this PR? No

UI

  • All issue/task requirements work as expected on the UI
  • Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
  • Screenshots/Video of the functionality flow (if applicable) - Tablet (640px < X < 1024px)
  • Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
  • Ensure new entries are added to CHANGELOG.md, if applicable.

API

  • All issue/task requirements work as expected on the API
  • Endpoint response output (if applicable)
  • EXPLAIN ANALYZE output for new/modified queries or indexes (if applicable)
  • Performance test results (if applicable)
  • Any other relevant evidence of the implementation (if applicable)
  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
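The script below is an added example, not part of this PR or of Prowler's own code, that automates review step 4: it reads the installed version of react, react-dom and next from the ui/node_modules tree and compares each against the patched floors named in the description (19.2.4 for React/React DOM, 16.1.6 for Next.js). It assumes a pnpm install whose top-level node_modules entries resolve to a package.json (pnpm's symlinked layout does), and it uses the next version as the proxy for the react-server-dom-* packages because, as the description says, those ship inside the patched Next.js release. Prerelease suffixes are stripped before comparison, so a canary build that is numerically equal to the floor is accepted; treat that as a known simplification. The package names and default directory are assumptions taken from the PR text, not read from the repository.

```shell
#!/bin/sh
# Added example: verify the React / Next.js floors from the PR description.
# Assumed layout: <dir>/<package>/package.json, default dir ui/node_modules.

# version_ge A B: exit 0 when dotted version A >= B, numerically per field.
# Prerelease/build suffixes (-canary.1, +sha) are dropped before comparing.
version_ge() {
  a=$(printf '%s' "$1" | sed 's/[-+].*//')
  b=$(printf '%s' "$2" | sed 's/[-+].*//')
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}            # current field of each version
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac   # drop the consumed field
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    x=${x:-0}; y=${y:-0}               # missing trailing fields count as 0
    [ "$x" -gt "$y" ] && return 0
    [ "$x" -lt "$y" ] && return 1
  done
  return 0                             # every field equal
}

# pkg_version FILE: print the "version" field of a package.json (no jq needed).
pkg_version() {
  sed -n 's/^[[:space:]]*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# check_installed DIR PACKAGE MINIMUM: print one status line, exit 0 if patched,
# 1 if an older version is installed, 2 if the package is missing.
check_installed() {
  pj="$1/$2/package.json"
  if [ ! -f "$pj" ]; then
    echo "MISSING  $2 (no $pj)"
    return 2
  fi
  v=$(pkg_version "$pj")
  if version_ge "$v" "$3"; then
    echo "OK       $2 $v (>= $3)"
    return 0
  fi
  echo "VULN     $2 $v (< $3)"
  return 1
}

# check_all [DIR]: apply the floors from the PR description; exit 0 only if all pass.
check_all() {
  dir="${1:-ui/node_modules}"
  rc=0
  check_installed "$dir" react     19.2.4 || rc=1
  check_installed "$dir" react-dom 19.2.4 || rc=1
  check_installed "$dir" next      16.1.6 || rc=1   # carries the react-server-dom-* builds
  return $rc
}

# Usage: sh check-react-versions.sh [path/to/ui/node_modules]
if [ -n "${1:-}" ]; then
  check_all "$1"
fi
```

Run it from the repository root after `pnpm install` in ui/; a non-zero exit means at least one package is still below the advisory's patched version or is not installed at all, which is exactly what a reviewer wants to see before approving a dependency-only security PR.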

…qcc-2hmg)

Upgrade React, React DOM, and Next.js to patched versions that address
multiple denial of service vulnerabilities in React Server Components.

Security advisory: GHSA-83fc-fqcc-2hmg

Changes:
- React: 19.2.3 → 19.2.4
- React DOM: 19.2.3 → 19.2.4
- Next.js: 16.1.3 → 16.1.6
- @next/third-parties: 16.1.3 → 16.1.6
- @next/eslint-plugin-next: 16.1.3 → 16.1.6
- eslint-config-next: 16.1.3 → 16.1.6
- Updated pnpm overrides for React peer dependencies

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@alejandrobailo alejandrobailo requested a review from a team as a code owner January 29, 2026 11:25
@github-actions
Contributor

github-actions bot commented Jan 29, 2026

✅ All necessary CHANGELOG.md files have been updated.

@github-actions
Contributor

github-actions bot commented Jan 29, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@github-actions
Contributor

github-actions bot commented Jan 29, 2026

🔒 Container Security Scan

Image: prowler-ui:f273d2e
Last scan: 2026-01-29 11:33:33 UTC

✅ No Vulnerabilities Detected

The container image passed all security checks. No known CVEs were found.


@alejandrobailo alejandrobailo merged commit fee2f84 into master Jan 29, 2026
35 checks passed
@alejandrobailo alejandrobailo deleted the fix/PROWLER-947-react-server-components-dos branch January 29, 2026 12:37
Hamza-abughazaleh pushed a commit to Raed-sh/prowler that referenced this pull request Feb 11, 2026

2 participants