Exploit for Deserialization of Untrusted Data in Facebook React

R2SAE - React2Shell Auto-Exploit A Firefox extension...

Cross-site Request Forgery

React Router is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to missing CSRF protections on document POST requests to UI routes, where server-side route action handlers or React Server Actions accept authenticated POST requests without origin validation, allowing...

CVE-2026-22030

React Router is a router for React. In @remix-run/server-runtime version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, React Router or Remix v2 is vulnerable to CSRF attacks on document POST requests to UI routes when using server-side route action handlers in Framework Mode, or when...

GHSA-H5CW-625J-3RXH React Router has CSRF issue in Action/Server Action Request Processing

React Router or Remix v2 is vulnerable to CSRF attacks on document POST requests to UI routes when using server-side route action handlers in Framework Mode, or when using React Server Actions in the new unstable RSC modes. !NOTE This does not impact applications that use Declarative Mode or Data...

Exploit for Deserialization of Untrusted Data in Facebook React

R2SAE - React2Shell Auto-Exploit A Firefox extension...

Exploit for Deserialization of Untrusted Data in Facebook React

🧨 React2Hell — CVE-2025-55182 Exploit 🔥 Next.js / React...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Vulnerability Exploitation Tool Rust Version...

rsc-rce-poc

React Server Actions RCE Vulnerability - Proof of Concept Cre...