TaskRay Trust Center
The TaskRay Trust Center details the platform's comprehensive security and compliance measures—including SOC 2 compliance, role-based access control, encryption, endpoint security, and legal agreements—and clarifies that despite using React in its front-end, TaskRay is not affected by the critical React Server Components vulnerabilities (CVE-2025-55182) due to not employing React server-side features.
Overview
TaskRay makes onboarding customers fast and efficient with built-in best practices around handoffs from sales to customer onboarding to customer success. The platform provides powerful insights into onboarding performance and templates to help guide your onboarding projects.
Compliance
- SOC 2 compliance
Documents
- Network Diagram
- SOC 2 Report
- Cyber Insurance
Product Security
- Role-Based Access Control
Reports
- Network Diagram
- Security Prospectus
- SOC 2 Report
Data Security
- Access Monitoring
- Data Erasure
- Encryption-at-rest
App Security
- Code Analysis
- Software Development Lifecycle
Legal
- Cyber Insurance
- Data Processing Agreement
- Master Services Agreement
Access Control
- Data Access
- Logging
- Password Security
Endpoint Security
- Disk Encryption
- Endpoint Detection & Response
- Mobile Device Management
Corporate Security
- Email Protection
- Employee Training
- HR Security
Trust Center Updates
TaskRay Not Impacted by React Server Vulnerabilities
General
December 17, 2025
The security team at TaskRay became aware of reports concerning critical vulnerabilities disclosed in React Server Components (RSC), including a remote code execution issue tracked as CVE-2025-55182.
Reputable threat intelligence and vendor sources have documented this vulnerability and provided guidance on its impact and mitigation:
- Critical security vulnerability in React Server Components
- Denial of service and source code exposure in React Server Components
TaskRay is not impacted by this vulnerability. While TaskRay uses React as part of its front-end technology stack, it does not use React Server Components or React server-side functionality. The disclosed vulnerabilities affect server-side components and runtimes, not client-side React usage. Since TaskRay’s implementation does not include these server components, the confidentiality, integrity, and availability of its systems remain unharmed.
TaskRay Not Impacted by MOVEit Vulnerabilities
Incidents
June 22, 2023
The security team at TaskRay became aware of news surrounding a high impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: MOVEit customers urged to patch third critical vulnerability.
TaskRay is not impacted by this vulnerability. TaskRay does not leverage this technology/software within its product and therefore the confidentiality, integrity, and availability of its systems remain unharmed.
If you think you may have discovered a vulnerability, please send a note to security@taskray.com.