8324 matches found
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Proof-of-Concept for CVE-2025-55182, a critical...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell – Advanced Discovery & Exploitation Framework An...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell CVE-2025-55182 - Proof of Concept A comprehensi...
Exploit for Deserialization of Untrusted Data in Facebook React
React2P4IM0Nshell 💥Extension Tool para...
Exploit for Deserialization of Untrusted Data in Facebook React
R2SHELL !WARNING Este proyecto es SOLO PARA PROPÓSITO...
Exploit for Deserialization of Untrusted Data in Facebook React
📌 CVE-2025-55182 — React2Shell Critical Unauthenticated Remote...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55184 React Server Components 19.0.0 to 19.2.1 includ...
Exploit for Deserialization of Untrusted Data in Facebook React
⚛️ React2Shell Exploit CVE-2025-55182 !Severityhttps://i...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Lab A hands-on lab to exploit CVE-2025-55182...
Denial Of Service (DoS)
react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack and next are vulnerable to a Denial-Of-Service DoS. The vulnerability is due to insufficient patching of unsafe payload deserialization in React Server Components, where maliciously crafted HTTP requests sent to Server...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell A CLI tool to exploit prototype pollution vulnerab...
Cross-site Scripting (XSS)
com.liferay, com.liferay.dynamic.data.mapping.item.selector.web are vulnerable to cross-site scripting XSS. The vulnerability is due to improper input validation in user name fields First Name, Middle Name, Last Name, which allows a remote attacker to inject arbitrary web scripts or HTML via...
Denial Of Service (DoS)
react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack, and next.js are vulnerable to Denial-Of-Service DoS vulnerability. The vulnerability is due to unsafe deserialization of payloads sent to React Server Components Server Function endpoints, where a crafted HTTP request...
Information Disclosure
react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack, next and vitejs/plugin-rsc is vulnerable to an Information Disclosure. The vulnerability is due to unsafe handling of stringified arguments in React Server Components RSC Server Functions, where a specifically crafted...
Exploit for Deserialization of Untrusted Data in Facebook React
ReactOOPS - HTB Web Challenge Writeup...
Exploit for Deserialization of Untrusted Data in Facebook React
next88 - React Server Components RCE Scanner High-performance...
Exploit for CVE-2025-55183
React Server Components Security Lab CVE-2025-55183 & CVE-202...
Metasploit Wrap-Up 12/12/2025
React2shell Module As you may have heard, on December 3, 2025, the React team announced a critical Remote Code Execution RCE vulnerability in servers using the React Server Components RSC Flight protocol. The vulnerability, tracked as CVE-2025-55182, carries a CVSS score of 10.0 and is informally...
Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up
It was discovered that the fix for CVE-2025-55184 in React Server Components was incomplete and did not fully mitigate denial-of-service conditions across all payload types. As a result, certain crafted inputs could still trigger excessive resource consumption. This vulnerability affects React...
EUVD-2025-203103
Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up...