24 matches found
📄 Next.js 15 Remote Code Execution
A PHP-based proof of concept implementation demonstrating the critical remote code execution vulnerability in React Server Components RSC Flight protocol, affecting React and Next.js applications...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55...
Exploit for CVE-2025-66478
No d...
Exploit for Deserialization of Untrusted Data in Facebook React
🔍 Next.js RCE Scanner - CVE-2025-55182 & CVE-2025-66478...
unauthenticated remote code execution vulnerability in React Server Components. React (CVE-2025-55182), Next.js (CVE-2025-66478).
CVE-2025-55182 Description: A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable co...
Exploit for CVE-2025-66478
React2Shell POC https://nextjs.org/blog/CVE-2025-66478 테스...
Exploit for CVE-2025-66478
Next.js-RSC-RCE-Scanner-CVE-2025-66478 CVE-2025-66478 Next.js...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Vulnerability Scanner A safe, non-invasive scanne...
Exploit for Deserialization of Untrusted Data in Facebook React
React4Shell ULTIMATE REACT4SHELL EXPLOITATION FRAMEWORK...
Exploit for CVE-2025-66478
CVE-2025-66478 Vulnerability Demo This repository contains a...
Exploit for Deserialization of Untrusted Data in Facebook React
🔥React2Shell - CVE-2025-55182 / CVE-2025-66478 Proof of Concep...
Exploit for CVE-2025-66478
Next.js CVE Auto-Patcher Automation tool written in Go to sca...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Hunter AWS Organization-Wide Detection Toolkit...
Exploit for CVE-2025-66478
fix-react2shell-next One...
Exploit for CVE-2025-66478
React2Shell Ultimate - CVE-2025-66478 Scanner...
Exploit for CVE-2025-66478
PO...
Exploit for CVE-2025-55182
CVE-2025-55182 - React Server Components RCE Exploit v2.0 A c...
Exploit for CVE-2025-66478
Check for CVE-2025-66478 Checks if your NextJS server is vulne...
Imperva Customers Protected Against React Server Components (RSC) Vulnerability
Overview On December 3, 2025, the React and Next.js teams disclosed a critical security vulnerability CVSS 10.0, identified as React2Shell, affecting applications that leverage React Server Components together with Server Actions or Server Functions. The React2Shell vulnerability stems from...
Wallarm Halts Remote Code Execution Exploits: Defense for Vulnerable React Server Component Workflows
On December 3, 2025, React maintainers disclosed a critical unauthenticated remote code execution RCE vulnerability in React Server Components RSC, tracked as CVE-2025-55182. A working PoC was released publicly, and Wallarm immediately began observing widespread exploitation attempts across...