CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

477 matches found

GithubExploit•added 2025/12/15 9:1 p.m.•121 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell CVE-2025-55182 — Local RSC Security Demo ⚠️ W...

10CVSS7.7AI score0.84489EPSS

Exploits362

IBM Security Bulletins•added 2025/12/15 8:41 p.m.•9 views

Security Bulletin: IBM Concert is vulnerable to remote code execution due to React (CVE-2025-55182)

Summary IBM Concert uses React which is vulnerable to remote code execution. Vulnerability Details CVEID:CVE-2025-55182 DESCRIPTION: A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following...

10CVSS8.2AI score0.84489EPSS

Exploits362Affected Software1

Microsoft Secure•added 2025/12/15 7:35 p.m.•10 views

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 also referred to as React2Shell and includes CVE-2025-66478, which was merged into it is a critical pre-authentication remote code execution RCE vulnerability affecting React Server Components, Next.js, and related frameworks. With a CVSS score of 10.0, this vulnerability could all...

10CVSS8.9AI score0.84489EPSS

Exploits376

Microsoft Secure•added 2025/12/15 7:35 p.m.•7 views

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

10CVSS8.6AI score0.84489EPSS

Exploits376

GithubExploit•added 2025/12/15 10:50 a.m.•193 views

Exploit for CVE-2025-55183

React Server Components 취약점 테스트 React Server Components RSC...

7.5CVSS6.8AI score0.41239EPSS

Exploits13

GithubExploit•added 2025/12/15 10:32 a.m.•162 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 - React Server Components RCE NOTE: Written b...

10CVSS7.7AI score0.84489EPSS

Exploits376

RedhatCVE•added 2025/12/15 8:25 a.m.•7 views

CVE-2025-55183

A flaw was found in React Server Components RSC. This vulnerability allows an information leak, where a specifically crafted HTTP Hypertext Transfer Protocol request to a vulnerable Server Function can unsafely return its source code. Exploitation requires a Server Function that explicitly or...

5.3CVSS6.5AI score0.26306EPSS

Exploits7References5

RedhatCVE•added 2025/12/15 8:3 a.m.•6 views

CVE-2025-67779

A flaw was found in React Server Components. This vulnerability allows a denial of service via unsafe deserialization of payloads from HTTP Hypertext Transfer Protocol requests to Server Function endpoints. A malicious HTTP request can be crafted and sent to any App Router endpoint that, when...

7.5CVSS6.3AI score0.41239EPSS

Exploits10References5

RedhatCVE•added 2025/12/15 8:3 a.m.•6 views

CVE-2025-55184

7.5CVSS6.5AI score0.41239EPSS

Exploits10References5

Broadcom•added 2025/12/15 12:0 a.m.•17 views

unauthenticated remote code execution vulnerability in React Server Components. React (CVE-2025-55182), Next.js (CVE-2025-66478).

CVE-2025-55182 Description: A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable co...

10CVSS7.9AI score0.84489EPSS

Exploits376

GithubExploit•added 2025/12/14 5:18 p.m.•160 views

Exploit for Deserialization of Untrusted Data in Facebook React

Next.Js React Server Components RSC Vulnerabilities This re...

10CVSS8.8AI score0.84489EPSS

Exploits372

GithubExploit•added 2025/12/14 2:24 p.m.•126 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell Scanner – with PoC CVE-2025-55182 – React Ser...

10CVSS7.2AI score0.84489EPSS

Exploits376