Exploit for CVE-2025-55182

CVE-2025-55182 Check for the critical RCE vulnerability i...

Exploit for CVE-2025-55182

CVE-2025-55182 - React Server Components RCE Exploit Python C...

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +8 more potentially affected by CVE-2025-55182 via react-server-dom-webpack (=19.0.0)

react-server-dom-webpack NPM version =19.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @amazeelabs/bridge-waku =1.1.9, =3.1.12, =1.4.7, =1.1.3, =0.0.0-next-20250108080920, =0.0.0-next-20250108080920...

Arbitrary Code Injection

Overview react-server-dom-webpack is a React Server Components bindings for DOM using Webpack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Arbitrary Code Injection via unsafe deserializatio...

CVE-2025-55182

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...

CVE-2025-55182

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...

Node.js React Server Components Unauthenticated Remote Code Execution (CVE-2025-55182)

Multiple Node.js React Server Components packages are affected by an unauthenticated remote code execution vulnerability. The following Node.js packages and versions are affected: - react-server-dom-webpack 19.0, 19.1.0, 19.1.1, 19.2.0 - react-server-dom-parcel 19.0, 19.1.0, 19.1.1, 19.2.0 -...

Malicious code in webpack-loader-httpfile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dac614016dd648eebd83cab4f9c04585d52439a98b69d5e02694cb48119dfd96 The package webpack-loader-httpfile was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199194

Malicious code in webpack-loader-httpfile npm...

MAL-2025-191154 Malicious code in webpack-loader-httpfile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dac614016dd648eebd83cab4f9c04585d52439a98b69d5e02694cb48119dfd96 The package webpack-loader-httpfile was found to contain malicious code. Source: ghsa-malware...

Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

EUVD-2025-198960

Malicious code in @tezign/html-webpack-plugin npm...

MAL-2025-190916 Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

CVE-2025-10437

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection.This issue affects Webpack Management System: through 20251119...

TencentOS Server 4: pcs (TSSA-2025:0213)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0213 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-10437

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection. This issue affects Webpack Management System: through 20251119...

CVE-2025-10437 SQLi in Exagate's Webpack Management System

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection. This issue affects Webpack Management System: through 20251119...

EUVD-2025-198150

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection.This issue affects Webpack Management System: through 20251119...

CVE-2025-10437 SQLi in Exagate's Webpack Management System

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection. This issue affects Webpack Management System: through 20251119...

CVE-2025-10437

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection. This issue affects Webpack Management System: through 20251119...