Ctrl + K
/ news / CVE
CVEPublished 2025-12-0311 articles on news7 live referencesNVD data

CVE-2025-55182

Vulnerability data via CVEDB (Shodan)

CISA KEVKnown exploited in the wild.Used in ransomware
CISA action: Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.
CVSS v3.1
10.0
CRITICAL
EPSS percentile
100
Exploit Prediction Scoring System · top 0% of all CVEs
Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Timeline
Published 2025-12-03

External references

NVDMITREExploit-DBGitHub PoCSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2025-55182
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product + version
product:"Facebook React" version:"19.0.0"
Version-pinned fingerprint from NVD's first vulnerable CPE.
Shodan · banner/body mention
http.html:"React"
HTTP body or banner mentions "React" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2025-55182
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2025-55182
Censys host search filtered to this CVE id.
grep.app
CVE-2025-55182
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2025-55182
GitHub code search for direct mentions.
Google dork
"CVE-2025-55182" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (8)

CVE-2025-551828 repos
sbilly/awesome-securityunknown
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
★ 14,438·updated 5mo ago
KingOfBugbounty/KingOfBugBountyTipsPython
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can re…
★ 5,428·updated 3mo ago
Threekiii/Awesome-POCJava
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.
★ 5,043·updated 1mo ago
0xsyr0/OSCPPowerShell
OSCP Cheat Sheet
★ 3,757·updated 5d ago
ljagiello/ctf-skillsPython
Agent skills for solving CTF challenges - web exploitation, binary pwn, crypto, reverse engineering, forensics, OSINT, and more
★ 2,476·updated 2d ago
assetnote/react2shell-scannerPython
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
★ 2,452·updated 6mo ago
eeeeeeeeee-code/POCunknown
备份的漏洞库,3月开始我们来维护
★ 2,042·updated 2mo ago
msanft/CVE-2025-55182Python
Explanation and full RCE PoC for CVE-2025-55182
★ 1,421·updated 6mo ago
Articles on news mentioning CVE-2025-55182