CVE-2025-55184

A flaw was found in React Server Components. This vulnerability allows a denial of service via unsafe deserialization of payloads from HTTP Hypertext Transfer Protocol requests to Server Function endpoints. A malicious HTTP request can be crafted and sent to any App Router endpoint that, when...

unauthenticated remote code execution vulnerability in React Server Components. React (CVE-2025-55182), Next.js (CVE-2025-66478).

CVE-2025-55182 Description: A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable co...

Exploit for Deserialization of Untrusted Data in Facebook React

Next.Js React Server Components RSC Vulnerabilities This re...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell Scanner – with PoC CVE-2025-55182 – React Ser...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Advanced Scanner 🚀 !Bashhttps://img.shields...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell – Advanced Discovery & Exploitation Framework An...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell CVE-2025-55182 - Proof of Concept A comprehensi...

Exploit for Deserialization of Untrusted Data in Facebook React

React2P4IM0Nshell 💥Extension Tool para...

Exploit for Deserialization of Untrusted Data in Facebook React

R2SHELL !WARNING Este proyecto es SOLO PARA PROPÓSITO...

Exploit for Deserialization of Untrusted Data in Facebook React

📌 CVE-2025-55182 — React2Shell Critical Unauthenticated Remote...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55184 React Server Components 19.0.0 to 19.2.1 includ...

Exploit for Deserialization of Untrusted Data in Facebook React

⚛️ React2Shell Exploit CVE-2025-55182 !Severityhttps://i...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Lab A hands-on lab to exploit CVE-2025-55182...

Denial Of Service (DoS)

react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack and next are vulnerable to a Denial-Of-Service DoS. The vulnerability is due to insufficient patching of unsafe payload deserialization in React Server Components, where maliciously crafted HTTP requests sent to Server...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell A CLI tool to exploit prototype pollution vulnerab...

Denial Of Service (DoS)

react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack, and next.js are vulnerable to Denial-Of-Service DoS vulnerability. The vulnerability is due to unsafe deserialization of payloads sent to React Server Components Server Function endpoints, where a crafted HTTP request...

Information Disclosure

react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack, next and vitejs/plugin-rsc is vulnerable to an Information Disclosure. The vulnerability is due to unsafe handling of stringified arguments in React Server Components RSC Server Functions, where a specifically crafted...

Exploit for Deserialization of Untrusted Data in Facebook React

ReactOOPS - HTB Web Challenge Writeup...

Exploit for Deserialization of Untrusted Data in Facebook React

next88 - React Server Components RCE Scanner High-performance...

Exploit for CVE-2025-55183

React Server Components Security Lab CVE-2025-55183 & CVE-202...