Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

OSV
OSVadded 2025/12/11 8:16 p.m.9 views

CVE-2025-55183

An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. A specifically...

5.3CVSS6.7AI score0.62405EPSS
Exploits7References2
NVD
NVDadded 2025/12/11 8:16 p.m.8 views

CVE-2025-55184

A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafe...

7.5CVSS0.65592EPSS
Exploits10References3
GithubExploit
GithubExploitadded 2025/12/07 3:55 p.m.148 views

Exploit for Deserialization of Untrusted Data in Facebook React

React CVE-2025-55182 Vulnerability Scanner A bash script to s...

10CVSS8.7AI score0.99562EPSS
Exploits370
Snyk
Snykadded 2025/12/03 4:39 p.m.7 views

Arbitrary Code Injection

Overview react-server-dom-webpack is a React Server Components bindings for DOM using Webpack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Arbitrary Code Injection via unsafe deserializatio...

10CVSS7.7AI score0.99562EPSS
Exploits370References3
NVD
NVDadded 2025/12/03 4:15 p.m.20 views

CVE-2025-55182

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...

10CVSS0.99562EPSS
Exploits370References6
Cvelist
Cvelistadded 2025/12/03 3:40 p.m.75 views

CVE-2025-55182

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...

10CVSS0.99562EPSS
Exploits370References2
Tenable Nessus
Tenable Nessusadded 2025/12/03 12:0 a.m.13 views

Node.js React Server Components Unauthenticated Remote Code Execution (CVE-2025-55182)

Multiple Node.js React Server Components packages are affected by an unauthenticated remote code execution vulnerability. The following Node.js packages and versions are affected: - react-server-dom-webpack 19.0, 19.1.0, 19.1.1, 19.2.0 - react-server-dom-parcel 19.0, 19.1.0, 19.1.1, 19.2.0 -...

10CVSS7.2AI score0.99562EPSS
Exploits370References3
Rows per page
Query Builder