Security scanner for CVE-2025-55182 - Critical RCE vulnerability in React Server Components. Scan npm/pnpm/yarn lockfiles, Docker images, SBOMs, and live URLs. Auto-fix, SARIF output, GitHub Actions, Vercel integration, and runtime protection middleware.
This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution vulnerability affecting React Server Components, also known as React2Shell.
A Chrome extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) in web applications
A modern Next.js vulnerable web app themed as a news / blog portal for CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) to learn, detect, and safely exercise React2Shell. Runs unpatched React 19.0.0 and Next.js 15.0.3.
chrome extension to detect next.js sites vulnerable to CVE-2025-55182 (react2shell)
A test server for demonstrating and testing React2Shell (CVE-2025-55182) vulnerability
This is a POC script for CVE-2025-55182 (React SSR RCE)
Show case CVE-2025-55182 POC in Typrescript/Javascript
Add a description, image, and links to the react2shell topic page so that developers can more easily learn about it.
To associate your repository with the react2shell topic, visit your repo's landing page and select "manage topics."