4917 matches found
EUVD-2025-203834
@vitejs/plugin-rs provides React Server Components RSC support for Vite. Prior to version 0.5.8, the /viterscfindSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sendi...
Exploit for Deserialization of Untrusted Data in Facebook React
Next.js React2Shell CVE-2025-55182 Expl0it A proof-of-conce...
Exploit for Deserialization of Untrusted Data in Facebook React
🔍 Next.js RCE Scanner - CVE-2025-55182 & CVE-2025-66478...
Exploit for Deserialization of Untrusted Data in Facebook React
No d...
Exploit for Deserialization of Untrusted Data in Facebook React
FiberBreak Exploitation tool for CVE-2025-55182 React2Shell...
CVE-2025-68155
creationtimestamp| type| source ---|---|--- 2025-12-16 09:11:25+00:00| published-proof-of-concept| https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-g239-q96q-x4qm...
Exploit for Deserialization of Untrusted Data in Facebook React
Next.js CVE-2025-55182 Proof of Concept This is a proof-of-co...
Vite Plugin React 安全漏洞
Vite Plugin React is an open source plugin for Vite. A security vulnerability exists in Vite Plugin React versions prior to 0.5.8 that stems from an arbitrary file read vulnerability in the /viterscfindSourceMapURL endpoint...
Security Bulletin: QRadar Suite Software includes components with a known vulnerability
Summary QRadar Suite Software includes components with a known vulnerability in React Server Components. This has been addressed in the update. Vulnerability Details CVEID:CVE-2025-55182 DESCRIPTION: A pre-authentication remote code execution vulnerability exists in React Server Components versio...
GHSA-VR6P-VQ2P-6J74 Withdrawn Advisory: LikeC4 has RCE through vulnerable React and Next.js versions
Withdrawn Advisory This advisory has been withdrawn because LikeC4 isn’t impacted by CVE-2025-55182 because it doesn’t ship React. React is a peer dependency. Original Description LikeC4 uses React and Next.js: which contain known RCE vulnerabilities, as seen in CVE-2025-55182. 2025-12-15 Edit: t...
EUVD-2025-203449
LikeC4 has RCE through vulnerable React and Next.js versions...
Withdrawn Advisory: LikeC4 has RCE through vulnerable React and Next.js versions
Withdrawn Advisory This advisory has been withdrawn because LikeC4 isn’t impacted by CVE-2025-55182 because it doesn’t ship React. React is a peer dependency. Original Description LikeC4 uses React and Next.js: which contain known RCE vulnerabilities, as seen in CVE-2025-55182. 2025-12-15 Edit: t...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell CVE-2025-55182 — Local RSC Security Demo ⚠️ W...
Security Bulletin: IBM Concert is vulnerable to remote code execution due to React (CVE-2025-55182)
Summary IBM Concert uses React which is vulnerable to remote code execution. Vulnerability Details CVEID:CVE-2025-55182 DESCRIPTION: A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following...
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
CVE-2025-55182 also referred to as React2Shell and includes CVE-2025-66478, which was merged into it is a critical pre-authentication remote code execution RCE vulnerability affecting React Server Components, Next.js, and related frameworks. With a CVSS score of 10.0, this vulnerability could all...
Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components
CVE-2025-55182 also referred to as React2Shell and includes CVE-2025-66478, which was merged into it is a critical pre-authentication remote code execution RCE vulnerability affecting React Server Components, Next.js, and related frameworks. With a CVSS score of 10.0, this vulnerability could all...
Exploit for Deserialization of Untrusted Data in Facebook React
Exploitest This repository serves as a cent...
Exploit for Deserialization of Untrusted Data in Facebook React
No d...
Exploit for CVE-2025-55183
React Server Components 취약점 테스트 React Server Components RSC...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 - React Server Components RCE NOTE: Written b...