Skip to content
/ react2shell Public

A critical vulnerability in React Server Components affecting React 19 (CVE-2025-55182) and frameworks that use it like Next.js (CVE-2025-66478).

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dr4xp/react2shell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
exploit.py
exploit.py
 
 

Repository files navigation

Description:

CVE-2025-55182 is a critical unauthenticated remote code execution (RCE) vulnerability in the react-server package used by React Server Components (RSC).

CVE-2025-66478 is the corresponding RCE vulnerability in Next.js, which inherits the same underlying flaw through its implementation of the RSC "Flight" protocol.

For test cve's:

TryHackMe: React2Shell

YouTube: React2Shell

RCE in React Server.

About

A critical vulnerability in React Server Components affecting React 19 (CVE-2025-55182) and frameworks that use it like Next.js (CVE-2025-66478).

Topics

react nodejs python kernel hack exploit rce ctf cve zeroday tryhackme cve-2025-55182 react2shell cve-2025-66478

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages