Lucene search
K

4919 matches found

GithubExploit
GithubExploit
added 2025/12/13 4:57 p.m.146 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55184 React Server Components 19.0.0 to 19.2.1 includ...

7.5CVSS7.1AI score0.65592EPSS
Exploits10
GithubExploit
GithubExploit
added 2025/12/13 4:56 p.m.125 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Hybrid Security Scanner !Telegramhttps://i...

10CVSS6.9AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/13 4:24 p.m.159 views

Exploit for Deserialization of Untrusted Data in Facebook React

⚛️ React2Shell Exploit CVE-2025-55182 !Severityhttps://i...

10CVSS8.9AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/13 2:30 p.m.136 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Lab A hands-on lab to exploit CVE-2025-55182...

10CVSS7.6AI score0.99562EPSS
Exploits386
Veracode
Veracode
added 2025/12/13 11:1 a.m.11 views

Denial Of Service (DoS)

react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack and next are vulnerable to a Denial-Of-Service DoS. The vulnerability is due to insufficient patching of unsafe payload deserialization in React Server Components, where maliciously crafted HTTP requests sent to Server...

7.5CVSS6.7AI score0.1888EPSS
Exploits3References6Affected Software5
GithubExploit
GithubExploit
added 2025/12/13 9:56 a.m.141 views

Exploit for Deserialization of Untrusted Data in Facebook React

This is a Next.js project bootstrapped wit...

10CVSS6.9AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/13 7:21 a.m.142 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell A CLI tool to exploit prototype pollution vulnerab...

10CVSS8.2AI score0.99562EPSS
Exploits386
Veracode
Veracode
added 2025/12/13 4:32 a.m.11 views

Denial Of Service (DoS)

react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack, and next.js are vulnerable to Denial-Of-Service DoS vulnerability. The vulnerability is due to unsafe deserialization of payloads sent to React Server Components Server Function endpoints, where a crafted HTTP request...

7.5CVSS6.8AI score0.65592EPSS
Exploits10References7Affected Software4
Veracode
Veracode
added 2025/12/13 3:49 a.m.11 views

Information Disclosure

react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack, next and vitejs/plugin-rsc is vulnerable to an Information Disclosure. The vulnerability is due to unsafe handling of stringified arguments in React Server Components RSC Server Functions, where a specifically crafted...

5.3CVSS6.9AI score0.62405EPSS
Exploits7References5Affected Software5
GithubExploit
GithubExploit
added 2025/12/13 3:48 a.m.262 views

Exploit for Deserialization of Untrusted Data in Facebook React

ReactOOPS - HTB Web Challenge Writeup...

10CVSS8.4AI score0.99986EPSS
Exploits403
GithubExploit
GithubExploit
added 2025/12/13 3:42 a.m.155 views

Exploit for Deserialization of Untrusted Data in Facebook React

next88 - React Server Components RCE Scanner High-performance...

10CVSS7.5AI score0.99562EPSS
Exploits386
GithubExploit
GithubExploit
added 2025/12/13 12:18 a.m.134 views

Exploit for Deserialization of Untrusted Data in Facebook React

No d...

10CVSS7AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/12 9:54 p.m.412 views

Exploit for CVE-2025-55183

React Server Components Security Lab CVE-2025-55183 & CVE-202...

7.5CVSS6.6AI score0.65592EPSS
Exploits13
Rapid7 Blog
Rapid7 Blog
added 2025/12/12 8:38 p.m.16 views

Metasploit Wrap-Up 12/12/2025

React2shell Module As you may have heard, on December 3, 2025, the React team announced a critical Remote Code Execution RCE vulnerability in servers using the React Server Components RSC Flight protocol. The vulnerability, tracked as CVE-2025-55182, carries a CVSS score of 10.0 and is informally...

10CVSS9.3AI score0.99562EPSS
Exploits376
GithubExploit
GithubExploit
added 2025/12/12 6:33 p.m.218 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell CVE-2025-55182 Scanner & Exploit Toolkit for Next...

10CVSS7.8AI score0.99562EPSS
Exploits372
Github Security Blog
Github Security Blog
added 2025/12/12 5:21 p.m.11 views

Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up

It was discovered that the fix for CVE-2025-55184 in React Server Components was incomplete and did not fully mitigate denial-of-service conditions across all payload types. As a result, certain crafted inputs could still trigger excessive resource consumption. This vulnerability affects React...

7.5CVSS5.6AI score0.65592EPSS
Exploits10References7Affected Software1
OSV
OSV
added 2025/12/12 5:21 p.m.5 views

GHSA-5J59-XGG2-R9C4 Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up

It was discovered that the fix for CVE-2025-55184 in React Server Components was incomplete and did not fully mitigate denial-of-service conditions across all payload types. As a result, certain crafted inputs could still trigger excessive resource consumption. This vulnerability affects React...

7.5CVSS6AI score0.65592EPSS
Exploits10References7
EUVD
EUVD
added 2025/12/12 4:41 p.m.6 views

EUVD-2025-203104

Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components...

6.5AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/12 4:41 p.m.12 views

Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components

Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4 Patches Upgrade immediately to @vitejs/[email protected] or...

6.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2025/12/12 4:41 p.m.4 views

GHSA-C6M7-Q6PR-C64R Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components

Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4 Patches Upgrade immediately to @vitejs/[email protected] or...

5.3CVSS6.7AI score
Exploits0References3
Rows per page
Query Builder