React Server Components Vulnerability Detection
Professional security tool for detecting critical remote code execution vulnerabilities in React Server Components. Performs comprehensive analysis of domains to identify potential security risks.
CVE-2025-55182 allows unauthenticated remote code execution in React Server Components. Applications supporting RSC may be vulnerable even without explicit Server Function usage. Immediate security assessment and patching is required.
ID: CVE-2025-55182
Type: Unsafe Deserialization
Severity: Critical (10.0)
Disclosed: Nov 29, 2025
Remote code execution on servers. Attackers can achieve complete system compromise, data exfiltration, and lateral movement.
Next.js, React Router, Expo, Redwood SDK, Waku, and any framework using React Server Components.
React: 19.0.0, 19.1.0, 19.1.1, 19.2.0
Patched: 19.0.1+, 19.1.2+, 19.2.1+