Original Proof-of-Concepts for React2Shell CVE-2025-55182
-
Updated
Dec 5, 2025 - JavaScript
#
react2shell
Here are 21 public repositories matching this topic...
React2Shell Auto Exploit: A CLI tool to exploit prototype pollution vulnerabilities (RCE) in React Server Actions
react cli exploit reactjs scanner nextjs rce next exploit-kit exploit-development rce-exploit server-components rce-scanner rce-testing react2shell react-rce react-exploit
-
Updated
Dec 6, 2025 - Python
Security scanner for CVE-2025-55182 - Critical RCE vulnerability in React Server Components. Scan npm/pnpm/yarn lockfiles, Docker images, SBOMs, and live URLs. Auto-fix, SARIF output, GitHub Actions, Vercel integration, and runtime protection middleware.
-
Updated
Dec 7, 2025 - TypeScript
Docker poc lab for CVE-2025-55182 detection and exploitation
react docker proof-of-concept nextjs docker-image lab poc vulnerability cve cve-2025-55182 react2shell
-
Updated
Dec 5, 2025 - JavaScript
Step-by-step walkthrough of CVE-2025-55182 (React2Shell) by tracing React's Flight protocol internals.
-
Updated
Dec 8, 2025
Nuclei template for detecting react2shell (CVE-2025-55182 & CVE-2025-66478)
-
Updated
Dec 4, 2025
chrome extension to detect next.js sites vulnerable to CVE-2025-55182 (react2shell)
-
Updated
Dec 6, 2025 - TypeScript
React2Shell, CVE-2025-55182, RCE Vulnerability: A critical breakdown of the unsafe deserialization flaw in React Server Components that enables unauthenticated remote code execution across default React/Next.js setups.
-
Updated
Dec 6, 2025
React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0, including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack, contain a remote code execution vulnerability.
-
Updated
Dec 6, 2025
CVE-2025-55182 – React2Shell: Proof-of-Concept Remote Code Execution (RCE) exploit for Next.js apps. Features an interactive shell prompt to test and demonstrate the vulnerability in real time. Use for security research and authorized penetration-testing only.
-
Updated
Dec 7, 2025 - Python
Advanced security testing tool for CVE-2025-55182 vulnerability assessment in Next.js applications. Features interactive shell, batch scanning, WAF bypass, and comprehensive reporting.
-
Updated
Dec 6, 2025 - Python
A test server for demonstrating and testing React2Shell (CVE-2025-55182) vulnerability
-
Updated
Dec 6, 2025 - TypeScript
PoC for React2Shell (CVE-2025-55182)
-
Updated
Dec 7, 2025 - Python
This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution vulnerability affecting React Server Components, also known as React2Shell.
-
Updated
Dec 6, 2025 - TypeScript
Torito React2Shell Scanner & Exploit Tool (CVE-2025-55182 / 66478)
-
Updated
Dec 7, 2025 - Python
Community tool to detect and remediate CVE-2025-55182 (React2Shell) - Critical RCE vulnerability in React Server Components
-
Updated
Dec 5, 2025 - Shell
CVE-2025-55182 + CVE-2025-66478 - Next.js/React Server Components Remote Code Execution
-
Updated
Dec 8, 2025 - Python
A web-based vulnerability scanner for CVE-2025-55182, a critical Remote Code Execution (RCE) vulnerability in React Server Components.
-
Updated
Dec 5, 2025 - JavaScript
This is a POC script for CVE-2025-55182 (React SSR RCE)
-
Updated
Dec 5, 2025 - TypeScript
POC for CVE-2025-55182 React2Shell
-
Updated
Dec 5, 2025 - Python
Improve this page
Add a description, image, and links to the react2shell topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the react2shell topic, visit your repo's landing page and select "manage topics."