Exploit for CVE-2025-55182

CVE-2025-55182: Critical Pre-Authentication RCE in React Serve...

rsc-rce-poc

React Server Actions RCE Vulnerability - Proof of Concept Cre...

React2Shell (CVE-2025-55182) - Critical unauthenticated RCE affecting React Server Components

Overview Update 1: As of 4:30 PM Eastern, December 4, 2025, Rapid7 has validated that a working weaponizedproof-of-concept exploit ,shared by researcher@maple3142 , is now publicly available. Update 2: On December 5, 2025,Lachlan Davidson who discovered the vulnerability has also published...

Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025

On December 3, 2025, the React team released a security advisory regarding a vulnerability, CVE-2025-55182, in the React server that could allow an unauthenticated, remote attacker to perform remote code execution on an affected device or system. For a description of this vulnerability, see the...

Exploit for CVE-2025-55182

React2Shell Vulnerable Banking Application Lab Deliberately v...

CVE-2025-55182

A flaw was found in the React Server Components RSC protocol in which an attacker could send a malicious package to a Server Function endpoint and cause unauthenticated remote code execution. This is possible due to the way the affected packages deserialized untrusted data...

Exploit for CVE-2025-55182

CVE-2025-55182 some notes template: py !/usr/bin/env py...

Exploit for CVE-2025-55182

CVE-2025-55182 Check for the critical RCE vulnerability i...

Exploit for CVE-2025-55182

🔍 Phoenix SCA Scanner - Universal - Version for CVE-2025-55182...

Exploit for CVE-2025-55182

CVE-2025-55182 Scanner & Exploit Lab This repository contains...

Exploit for CVE-2025-55182

React 19 & Next.js Security Fix Prompts for AI Agents 🚨 CRI...

Exploit for CVE-2025-55182

CVE-2025-55182 This vulnerability allows RCE in React Server...

Exploit for CVE-2025-55182

CVE-2025-55182 React2Shell Detection Tool Detection tools for...

Wallarm Halts Remote Code Execution Exploits: Defense for Vulnerable React Server Component Workflows

On December 3, 2025, React maintainers disclosed a critical unauthenticated remote code execution RCE vulnerability in React Server Components RSC, tracked as CVE-2025-55182. A working PoC was released publicly, and Wallarm immediately began observing widespread exploitation attempts across...

Exploit for CVE-2025-55182

CVE-2025-55182 This repository contains a PoC reproduction of...

Exploit for CVE-2025-55182

react2shell-scanner A command-line tool for detecting CVE-202...

Exploit for CVE-2025-55182

CVE-2025-55182 – React Server Components RCE Proof of Conce...

Remote Code Execution (RCE)

React Server Components are vulnerable to Remote Code Execution RCE. The vulnerability is due to the unsafe deserialization of attacker-controlled payloads sent to Server Function endpoints, which allows an attacker to execute arbitrary code without authentication...

Exploit for CVE-2025-55182

CVE-2025-55182 - React Server Components Prototype Chain Vulne...

Exploit for CVE-2025-55182

CVE-2025-55182: React Server Components RCE A minimal proof o...