Original Proof-of-Concepts for React2Shell CVE-2025-55182
-
Updated
Dec 5, 2025 - JavaScript
#
react2shell
Here are 31 public repositories matching this topic...
rsc-detect-cve-2025-55182 is a static analysis tool designed to detect potential indicators of CVE-2025-55182
-
Updated
Dec 8, 2025 - Python
React2Shell Auto Exploit: A CLI tool to exploit prototype pollution vulnerabilities (RCE) in React Server Actions
react cli exploit reactjs scanner nextjs rce next exploit-kit exploit-development rce-exploit server-components rce-scanner rce-testing react2shell react-rce react-exploit
-
Updated
Dec 6, 2025 - Python
Security scanner for CVE-2025-55182 - Critical RCE vulnerability in React Server Components. Scan npm/pnpm/yarn lockfiles, Docker images, SBOMs, and live URLs. Auto-fix, SARIF output, GitHub Actions, Vercel integration, and runtime protection middleware.
-
Updated
Dec 7, 2025 - TypeScript
Docker poc lab for CVE-2025-55182 detection and exploitation
react docker proof-of-concept nextjs docker-image lab poc vulnerability cve cve-2025-55182 react2shell
-
Updated
Dec 5, 2025 - JavaScript
Step-by-step walkthrough of CVE-2025-55182 (React2Shell) by tracing React's Flight protocol internals.
-
Updated
Dec 10, 2025
CVE-2025-55182 – React2Shell: Proof-of-Concept Remote Code Execution (RCE) exploit for Next.js apps. Features an interactive shell prompt to test and demonstrate the vulnerability in real time. Use for security research and authorized penetration-testing only.
-
Updated
Dec 7, 2025 - Python
ReactGuard provides framework- and vulnerability-detection tooling for CVE-2025-55182 (React2Shell)
-
Updated
Dec 10, 2025 - Python
This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution vulnerability affecting React Server Components, also known as React2Shell.
-
Updated
Dec 6, 2025 - TypeScript
-
Updated
Dec 9, 2025 - YARA
Nuclei template for detecting react2shell (CVE-2025-55182 & CVE-2025-66478)
-
Updated
Dec 4, 2025
chrome extension to detect next.js sites vulnerable to CVE-2025-55182 (react2shell)
-
Updated
Dec 6, 2025 - TypeScript
React2Shell, CVE-2025-55182, RCE Vulnerability: A critical breakdown of the unsafe deserialization flaw in React Server Components that enables unauthenticated remote code execution across default React/Next.js setups.
-
Updated
Dec 6, 2025
A Chrome extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) in web applications
-
Updated
Dec 8, 2025 - TypeScript
React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0, including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack, contain a remote code execution vulnerability.
-
Updated
Dec 6, 2025
A critical vulnerability in React Server Components affecting React 19 (CVE-2025-55182) and frameworks that use it like Next.js (CVE-2025-66478).
react nodejs python kernel hack exploit rce ctf cve zeroday tryhackme cve-2025-55182 react2shell cve-2025-66478
-
Updated
Dec 9, 2025 - Python
Advanced security testing tool for CVE-2025-55182 vulnerability assessment in Next.js applications. Features interactive shell, batch scanning, WAF bypass, and comprehensive reporting.
-
Updated
Dec 6, 2025 - Python
Torito React2Shell Scanner & Exploit Tool (CVE-2025-55182 / 66478)
-
Updated
Dec 7, 2025 - Python
A test server for demonstrating and testing React2Shell (CVE-2025-55182) vulnerability
-
Updated
Dec 6, 2025 - TypeScript
My attempt to make honeypot for React2Shell vulnerability (CVE-2025-66478)
-
Updated
Dec 8, 2025 - Go
Improve this page
Add a description, image, and links to the react2shell topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the react2shell topic, visit your repo's landing page and select "manage topics."