Lucene search
K

485 matches found

Snyk
Snyk
added 2026/01/26 7:49 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview react-server-dom-webpack is a React Server Components bindings for DOM using Webpack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttli...

8.7CVSS5.9AI score0.65592EPSS
Exploits10References2
Vulnrichment
Vulnrichment
added 2026/01/26 7:16 p.m.3 views

CVE-2026-23864

Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints,...

6AI score0.02499EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/26 7:16 p.m.10 views

CVE-2026-23864

Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints,...

7.5CVSS6AI score0.02499EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2026/01/26 7:16 p.m.23 views

CVE-2026-23864

Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints,...

0.02499EPSS
Exploits0References1
CVE
CVE
added 2026/01/26 7:16 p.m.89 views

CVE-2026-23864

CVE-2026-23864 affects React Server Components packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The connected advisories describe a denial-of-service condition triggered by specially crafted HTTP requests to Server Function endpoints, potentially causin...

7.5CVSS6AI score0.02499EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploit
added 2026/01/26 5:15 p.m.164 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 React2Shell Vulnerability Target Vulnerab...

10CVSS7.4AI score0.99562EPSS
Exploits374
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.6 views

Meta React Server Components security vulnerabilities

Meta React Server Components are a series of components developed by the American company Meta. There is a security vulnerability in Meta React Server Components, which can lead to server crashes, memory exhaustion, or excessive CPU usage when specially crafted HTTP requests are sent...

7.5CVSS7.5AI score0.02499EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/01/23 6:5 p.m.211 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell PoC This repository provides a minimal intentiona...

10CVSS6.6AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2026/01/23 10:36 a.m.366 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS5.7AI score0.99562EPSS
Exploits374
Cvelist
Cvelist
added 2026/01/21 6:56 p.m.20 views

CVE-2025-68135 EVerest's inadequate exception handling leads to denial of service

EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the TbdController loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers...

6.5CVSS0.0029EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

Rockwell Automation Verve Asset Manager security vulnerability

Rockwell Automation Verve Asset Manager is a supplier-neutral OT endpoint management platform provided by Rockwell Automation. There is a security vulnerability in Rockwell Automation Verve Asset Manager, which stems from ADI server components storing plaintext keys in environmental variables...

8.6CVSS5.8AI score0.00126EPSS
Exploits0References1
Node JS Blog
Node JS Blog
added 2026/01/13 12:0 a.m.9 views

Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users

Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users TL;DR Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion with a catchable error, which frameworks have come to rely on for service availability. An edg...

6.3CVSS6.4AI score0.0041EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/01/10 3:58 a.m.181 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 React2Shell Vulnerability Analysis Lab This...

10CVSS8.1AI score0.99562EPSS
Exploits374
OSV
OSV
added 2026/01/08 8:54 p.m.16 views

GHSA-2W69-QVJG-HVJX React Router vulnerable to XSS via Open Redirects

React Router and Remix v1/v2 SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if developers are creating redirect paths...

8CVSS7AI score0.0077EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/01/08 10:46 a.m.159 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 React2Shell - Proof of Concept ⚠️ SECURIT...

10CVSS8.1AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2026/01/05 7:6 a.m.157 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS7.4AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2026/01/05 6:55 a.m.133 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS7.4AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2026/01/04 12:5 p.m.160 views

Exploit for Deserialization of Untrusted Data in Facebook React

🎯 React2Shell CVE-2025-55182 — From React Server Components...

10CVSS8AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2026/01/04 3:15 a.m.213 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 React2Shell - Vulnerable Lab !CVE-2025-5518...

10CVSS8.1AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2026/01/02 7:23 p.m.204 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS6.7AI score0.99562EPSS
Exploits374
Rows per page
Query Builder