Original Proof-of-Concepts for React2Shell CVE-2025-55182
-
Updated
Dec 5, 2025 - JavaScript
#
react2shell
Here are 40 public repositories matching this topic...
Docker poc lab for CVE-2025-55182 / CVE-2025-66478 (React2Shell) detection and exploitation
react docker react-dom proof-of-concept reactjs nextjs docker-image lab poc vulnerability cve app-router-nextjs cve-2025-55182 react2shell cve-2025-66478
-
Updated
Dec 11, 2025 - JavaScript
Security scanner for CVE-2025-55182 - Critical RCE vulnerability in React Server Components. Scan npm/pnpm/yarn lockfiles, Docker images, SBOMs, and live URLs. Auto-fix, SARIF output, GitHub Actions, Vercel integration, and runtime protection middleware.
-
Updated
Dec 7, 2025 - TypeScript
React2Shell Auto Exploit: A CLI tool to exploit prototype pollution vulnerabilities (RCE) in React Server Actions
react cli exploit reactjs scanner nextjs rce next exploit-kit exploit-development rce-exploit server-components rce-scanner rce-testing react2shell react-rce react-exploit
-
Updated
Dec 6, 2025 - Python
Step-by-step walkthrough of CVE-2025-55182 (React2Shell) by tracing React's Flight protocol internals.
-
Updated
Dec 10, 2025
ReactGuard provides framework- and vulnerability-detection tooling for CVE-2025-55182 (React2Shell)
react nextjs waku cve-2025-55182 react2shell reactguard cve-2025-55183 cve-2025-55184 cve-2025-67779
-
Updated
Dec 18, 2025 - Python
React2Shell exploit with multiple WAF bypass and vulnerable example application.
-
Updated
Dec 18, 2025 - Python
-
Updated
Dec 9, 2025 - YARA
This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution vulnerability affecting React Server Components, also known as React2Shell.
javascript security typescript exploit reactjs nextjs hacking cybersecurity penetration-testing poc rce bug-bounty vulnerability webdevelopment vulnerability-scanners security-scanner rsc cve-2025-55182 react2shell cve-2025-66478
-
Updated
Dec 6, 2025 - TypeScript
Nuclei template for detecting react2shell (CVE-2025-55182 & CVE-2025-66478)
-
Updated
Dec 4, 2025
CVE-2025-55182 – React2Shell: Proof-of-Concept Remote Code Execution (RCE) exploit for Next.js apps. Features an interactive shell prompt to test and demonstrate the vulnerability in real time. Use for security research and authorized penetration-testing only.
-
Updated
Dec 7, 2025 - Python
Precision-Based Detection of RSC/Next.js Remote Code Execution Vulnerabilities (CVE-2025-55182, CVE-2025-66478)
-
Updated
Dec 14, 2025 - Python
A CTF challenge based on CVE-2025-55182 Vulnerability
-
Updated
Dec 12, 2025 - HTML
A Chrome extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) in web applications
-
Updated
Dec 8, 2025 - TypeScript
React2Shell, CVE-2025-55182, RCE Vulnerability: A critical breakdown of the unsafe deserialization flaw in React Server Components that enables unauthenticated remote code execution across default React/Next.js setups.
-
Updated
Dec 18, 2025 - Python
chrome extension to detect next.js sites vulnerable to CVE-2025-55182 (react2shell)
-
Updated
Dec 6, 2025 - TypeScript
A modern Next.js vulnerable web app themed as a news / blog portal for CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) to learn, detect, and safely exercise React2Shell. Runs unpatched React 19.0.0 and Next.js 15.0.3.
-
Updated
Dec 13, 2025 - TypeScript
Advanced security testing tool for CVE-2025-55182 vulnerability assessment in Next.js applications. Features interactive shell, batch scanning, WAF bypass, and comprehensive reporting.
-
Updated
Dec 6, 2025 - Python
My attempt to make honeypot for React2Shell vulnerability (CVE-2025-66478)
-
Updated
Dec 8, 2025 - Go
Improve this page
Add a description, image, and links to the react2shell topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the react2shell topic, visit your repo's landing page and select "manage topics."