Lucene search
+L

470 matches found

Saint
Saint
added 2025/12/11 12:0 a.m.133 views

React Server Components deserialization vulnerability

Added: 12/11/2025 Background React is a Javascript library for building user interfaces. React Server Components are React components designed for running on web servers. Problem A deserialization vulnerability in React Server Components allows a remote attacker to execute arbitrary commands by...

7.8AI score
Exploits0
FreeBSD
FreeBSD
added 2025/12/11 12:0 a.m.12 views

github-release-monitor -- multiple vulnerabilities

https://nextjs.org/blog/security-update-2025-12-11 reports: Description Medium Source Code Exposure: CVE-2025-55183 A specifically crafted HTTP request can cause a Server Function to return the compiled source code of other Server Functions in your application. This could reveal business logic...

7.5CVSS7.2AI score0.65592EPSS
Exploits13References1
Cvelist
Cvelist
added 2025/12/10 10:16 p.m.22 views

CVE-2025-67490 Auth0 Next.js SDK has Improper Request Caching Lookup

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in...

5.4CVSS0.00178EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/10 10:16 p.m.2 views

CVE-2025-67490 Auth0 Next.js SDK has Improper Request Caching Lookup

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in...

5.4CVSS6.6AI score0.00178EPSS
Exploits0References2
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-67490 Auth0 Next.js SDK has Improper Request Caching Lookup

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in...

5.4CVSS6.8AI score0.00178EPSS
Exploits0References4
Snyk
Snyk
added 2025/12/10 9:35 p.m.2 views

Incomplete List of Disallowed Inputs

Overview @auth0/nextjs-auth0 is a Next.js SDK for signing in with Auth0 Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via improper validation of the returnTo parameter. An attacker can cause tokens to be issued with unintended parameters by injecting...

5.7CVSS6.7AI score0.0023EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/10 9:31 p.m.2 views

Incorrect Authorization

Overview @auth0/nextjs-auth0 is a Next.js SDK for signing in with Auth0 Affected versions of this package are vulnerable to Incorrect Authorization via improper lookups in TokenRequestCache. An attacker can access sensitive information belonging to other users by making simultaneous requests on t...

5.9CVSS6.5AI score0.00178EPSS
Exploits0References2
OSV
OSV
added 2025/12/10 9:31 p.m.2 views

GHSA-WCGJ-F865-C7J7 Improper Request Caching Lookup in the Auth0 Next.js SDK

Description When using affected versions of the Next.js SDK, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. Am I Affected? You are affected if you meet the following preconditions: - Applications using the auth0/nextjs-aut...

5.4CVSS6.8AI score0.00178EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/12/10 6:11 p.m.158 views

Exploit for Improper Authorization in Vercel Next.Js

Next.js RCE Scanner Scanner for CVE-2025-29927 - Next.js/...

10CVSS7.6AI score0.99562EPSS
Exploits448
GithubExploit
GithubExploit
added 2025/12/10 11:38 a.m.185 views

Exploit for Deserialization of Untrusted Data in Facebook React

🚀 React2Shell Exploiter Advanced Exploitation & Server I...

10CVSS7.8AI score0.99562EPSS
Exploits391
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.4 views

nextjs-auth0 安全漏洞

nextjs-auth0 is an Auth0 open source Next.js SDK for logging in using Auth0. A security vulnerability exists in nextjs-auth0 versions 4.11.0 through 4.11.2 and 4.12.0, which stems from the fact that simultaneous requests on the same client may result in improper lookups in TokenRequestCache...

5.4CVSS6.5AI score0.00178EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.8 views

PT-2025-50552

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in...

5.4CVSS7AI score0.00178EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/12/09 11:39 p.m.208 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 — demo This repository provides a demonstratio...

10CVSS8.2AI score0.99562EPSS
Exploits377
GithubExploit
GithubExploit
added 2025/12/09 10:26 a.m.159 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell A scanner for detecting and exploiting Next.js...

10CVSS7.3AI score0.99562EPSS
Exploits391
GithubExploit
GithubExploit
added 2025/12/09 9:21 a.m.165 views

Exploit for CVE-2025-66478

monorepo-nextjs-npm-nested-versions - VULNERABLE CVE-2025-664...

7.4AI score
Exploits111
GithubExploit
GithubExploit
added 2025/12/08 3:25 p.m.177 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Next.js RCE Exploit Tool 中文文档./README.zh-CN...

10CVSS8.7AI score0.99562EPSS
Exploits377
GithubExploit
GithubExploit
added 2025/12/08 3:30 a.m.305 views

Exploit for CVE-2025-66478

CVE-2025-66478 – Next.js Server Actions RCE Vulnerability: Ana...

7.4AI score
Exploits111
GithubExploit
GithubExploit
added 2025/12/07 11:39 a.m.161 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Scanner Simple command-line tool for detecting...

10CVSS7.1AI score0.99562EPSS
Exploits377
GithubExploit
GithubExploit
added 2025/12/07 2:26 a.m.171 views

Exploit for Deserialization of Untrusted Data in Facebook React

Parameters - -f: File to scan default: urls.txt - -f...

10CVSS7.2AI score0.99562EPSS
Exploits377
GithubExploit
GithubExploit
added 2025/12/06 9:54 p.m.326 views

Exploit for Deserialization of Untrusted Data in Facebook React

NextRce - Next.js RSC Exploit Tool CVE-2025-55182...

10CVSS7.9AI score0.99562EPSS
Exploits377
Rows per page
Query Builder