4919 matches found
IBM: [RCE] Remote Code Execution via React Server Components Vulnerability CVE-2025-55182
Vulnerability description not provided...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Scanner Simple command-line tool for detecting...
Exploit for Deserialization of Untrusted Data in Facebook React
🔥 RSC RCE Exploit Toolkit !Versionhttps://img.shields.io...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell !Languagehttps://img.shields.io/badge/Language...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Indicator Scanner This repository provides a...
Exploit for Deserialization of Untrusted Data in Facebook React
⚡ CVE-2025-55182 – Auto Exploit Toolkit Precision Engine...
Exploit for Deserialization of Untrusted Data in Facebook React
⚡ CVE-2025-55182 – Advanced Auto Exploit Toolkit Precisi...
Exploit for Deserialization of Untrusted Data in Facebook React
react2shell-scanner-rust Detect CVE-2025-55182 & CVE-2025-664...
Exploit for Deserialization of Untrusted Data in Facebook React
PoC-react2...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-5582 RCE A self-use checking tool for detecting the...
Vite Plugin React 代码注入漏洞
Vite Plugin React is an open source plugin for Vite. A code injection vulnerability exists in Vite Plugin React 0.5.5 and earlier versions, which stems from an insecure dynamic import in the Server Functions API that could lead to remote code execution...
PT-2025-49862
🧵 6/15: The Exploit simplified: The vulnerability CVE-2024-555182 lies in the deserialization process. React wasn't verifying if a requested key actually existed on the object during this process. This allows an attacker to sneak in a request for the constructor of a function...
📄 React / Next.js Unauthenticated Remote Code Execution
A critical unauthenticated remote code execution vulnerability exists in React Server Components RSC Flight protocol. The vulnerability allows attackers to achieve prototype pollution during deserialization of RSC payloads by sending specially crafted multipart requests with proto, constructor, o...
📄 React 19.2.0 PHP Scanner / Remote Code Execution
This project delivers a PHP-based vulnerability scanner and remote code execution exploit for CVE‑2025‑55182 affecting React Server Components. It leverages RSC serialization weaknesses to execute arbitrary commands and validate successful exploitation...
React 19 Server Components Critical Vulnerability (CVE-2025-55182, CVE-2025-55183, CVE-2025-55184)
On December 3, 2025, the React team disclosed a critical remote code execution vulnerability CVE-2025-55182, CVSS 10.0 affecting React 19 Server Components. This vulnerability has raised concerns among Vaadin users and security scanning tools. Update: On December 11 and 12, 2025, two new...
Arbitrary Code Injection
Overview @vitejs/plugin-rsc is a React Server Components RSC support for Vite. Affected versions of this package are vulnerable to Arbitrary Code Injection via unsafe dynamic imports in the loadServerAction, decodeReply, and decodeAction server APIs. An attacker can execute arbitrary JavaScript...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Vulnerability Scanner A safe, non-invasive scanne...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182: Exploitation Artifacts An export of a small s...
@levo-so/react (>=0.1.15 <=0.1.43), @levo-so/react-collection (>=0.0.1 <=0.1.86) +2 more potentially affected by CVE-2025-65849 via altcha (>=1.0.7 <=2.0.2)
altcha NPM version =1.0.7, =0.1.15, =0.0.1, =0.1.91, =0.0.23, =0.0.34 Source cves: CVE-2025-65849 Source advisory: SNYK:JS-ALTCHA-14236435...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Detector A Chrome extension for detecting React2S...