AI description
CVE-2025-54068 is a remote command execution (RCE) vulnerability found in Livewire, a full-stack framework for Laravel. Specifically, it affects Livewire v3 versions up to and including v3.6.3. The vulnerability stems from how certain component property updates are handled during hydration, which could allow unauthenticated attackers to execute arbitrary code. Exploitation requires a component to be mounted and configured in a particular way but does not require authentication or user interaction. The vulnerability lies in the `hydrateForUpdate` method within the `Livewire\Mechanisms\HandleComponents\HandleComponents` class. A specially crafted update payload can bypass validation and sanitization during the hydration process, causing the framework to interpret untrusted input as executable code. This issue has been patched in Livewire v3.6.4, and users are strongly encouraged to upgrade to this version or later as soon as possible. There are no known workarounds.
- Description: Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does not require authentication or user interaction. This issue has been patched in Livewire v3.6.4. All users are strongly encouraged to upgrade to this version or later as soon as possible. No known workarounds are available.
- Source: security-advisories@github.com
- NVD status: Analyzed
- Products: livewire
CVSS 4.0
- Type: Secondary
- Base score: 9.2
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: CRITICAL
CVSS 3.1
- Type: Primary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- security-advisories@github.com
- CWE-94
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 15
Laravel-livewire RCE (CVE-2025-54068) - Video POC Here is the Exploit Github repo: https://t.co/o3bdvqC1ra ~credit synacktiv For more bugbounty content Join my telegram channel: https://t.co/J6uPf8H57o https://t.co/XxjlowowWt
@darkshadow2bd
8 Feb 2026
9969 Impressions
32 Retweets
176 Likes
130 Bookmarks
3 Replies
1 Quote
THE WEB BROKE in DECEMBER 2025. React2Shell, MongoBleed, Livewire... the pillars of the Internet collapsed. 💥 I invited the researchers from @Synacktiv, @_Worty and @_remsio_, to dissect the RCE in Livewire (CVE-2025-54068)🛠️ https://t.co/67QcHXWWLV
@Fransosiche
4 Feb 2026
1962 Impressions
10 Retweets
17 Likes
2 Bookmarks
0 Replies
1 Quote
🚨 CVE-2025-54068 - critical 🚨 Laravel Livewire v3 - Remote Command Execution > Livewire v3 (Laravel) contains a vulnerability in its component hydration/update mech... 👾 https://t.co/RtKjdyBzaR @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
4 Feb 2026
217 Impressions
2 Retweets
5 Likes
4 Bookmarks
0 Replies
0 Quotes
Update your Livewire version! I heard two people report that they were hacked through an old Livewire website. CVE-2025-54068 is now actively exploited. If you're under < 3.6.4, upgrade immediately.
@SRWieZ
28 Jan 2026
139 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Livewire has a RCE vulnerability (CVE-2025-54068) and people are not talking enough about it. Attackers are silently installing Crypto miners on your servers and you're not even aware about it. If you're using @LaravelLivewire up to 3.6.3 on your @laravelphp website, you most
@triplethata
26 Jan 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #0day Alert! 🚨 CVE-2025-54068 exploit for #LiveWire Remote Command Execution is now public. ⚡ #CyberSecurity #RCE #Exploit #Vulnerability #InfoSec https://t.co/yBibL6JYWU
@TheExploitLab
24 Jan 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Always keep the targets you find easily accessible, so that when a new vulnerability emerges, you'll definitely come across one of them 🥳🥳🥰🥰 Target: CVE-2025-54068 Tool: https://t.co/ahDmL3YRc0 @intigriti #bugbountytip #bugbountytips #infosec #recon https://t.co/v
@ynsmroztas
23 Jan 2026
6691 Impressions
14 Retweets
121 Likes
92 Bookmarks
0 Replies
0 Quotes
‼️Livepyre: A tool designed to exploit CVE-2025-54068 and Remote Command Execution if the APP_KEY of the Livewire project is known. GitHub: https://t.co/7XOU7YC0Uo Writeup: https://t.co/2KjVJxndu5 CVSS: 9.2 Description: Livewire is a full-stack framework for Laravel. In h
@DarkWebInformer
22 Jan 2026
3317 Impressions
5 Retweets
27 Likes
17 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-54068: Unauthenticated RCE in Laravel Livewire v3 ⚠️ Only for educational purposes & ethical hacking 👍 Like, comment & share if this helped! #CyberSecurity #EthicalHacking #CVE #Exploit #PoC #RedTeam #BugBounty #Infosec #Pentesting #OSCP https://t.co/
@r0otk3r
12 Jan 2026
147 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
It's a great start to the year for FrenchTech with: 💥 n8n vulns CVE-2026-21858 and CVE-2025-68613 by @Chocapikk 💥 Livewire vuln CVE-2025-54068* by @_Worty and @_remsio_ Congratulations to you 🎉 and happy new year 2026 😄 *come on.... the end of 2025 is almost the start of 2026 😅
@mynameisv_
9 Jan 2026
424 Impressions
0 Retweets
6 Likes
0 Bookmarks
4 Replies
0 Quotes
CVE-2025-54068 is the #React2Shell of the Laravel world.🚩 Just like Next.js Server Actions, Livewire bridges the frontend/backend gap automatically. But blindly deserializing state from the client? That leads to RCE. 👇Try the exploit via Vulhub: https://t.co/dWjH6HTcif #Vul
@phithon_xg
8 Jan 2026
24470 Impressions
68 Retweets
365 Likes
221 Bookmarks
5 Replies
1 Quote
"🚨 New exploit tool alert: synacktiv/Livepyre targets CVE-2025-54068. \nCheck it out: https://t.co/A9n9p95cmK \n#cybersecurity #exploit #CVE202554068 #infosec"
@dxiadong527
8 Jan 2026
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit #AppSec 1⃣. Livewire: RCE through unmarshaling - https://t.co/sQJ0RjUly5 // critical vulnerability (CVE-2025-54068) in Livewire allows RCE via unsafe object unmarshaling during component hydration, affecting many Laravel projects and patched in v3.6.4+, highlighting t
@ksg93rd
30 Dec 2025
1003 Impressions
0 Retweets
13 Likes
4 Bookmarks
1 Reply
1 Quote
CVE-2025-54068 # The Livewire "Silent Killer": Remote Code Execution (RCE) via Stealth Read the full report on - https://t.co/OkLUEWh0g8 https://t.co/g7d0hspqr1
@cyberbivash
26 Dec 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 RCE in #Livewire (CVE-2025-54068)! Our specialists uncovered a critical flaw allowing remote code execution without the APP_KEY, exploiting Livewire’s hydration mechanism + PHP’s loose typing. 🔗 Patch now! (v3.6.4+) https://t.co/a5dFicootF
@Synacktiv
23 Dec 2025
23597 Impressions
33 Retweets
97 Likes
51 Bookmarks
1 Reply
4 Quotes
#VulnerabilityReport #CVE202554068 Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately! https://t.co/GChbpHJzWx
@Komodosec
26 Aug 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
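Livewire vulnerability CVE-2025-54068 fixed: possible RCE in Laravel apps https://t.co/qVBDI2tkZy A serious vulnerability has been discovered in Livewire; in particular, those using the v3 series are reportedly at risk of being attacked by unauthenticated threat actors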
@iototsecnews
4 Aug 2025
62 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 :CVE-2025-54068 : Unauthenticated Remote Command Execution in Livewire Framework v3 Up to 3.6.3 📊729.7K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/VUmfY2hURH 👇Query HUNTER : https://t.co/q9rtuGfZuz="Livewire" https:
@HunterMapping
22 Jul 2025
3264 Impressions
14 Retweets
55 Likes
23 Bookmarks
3 Replies
0 Quotes
A critical vulnerability in Livewire exposes millions of Laravel web applications to unauthenticated remote command execution attacks, compelling immediate upgrades to version 3.6.4. This flaw, CVE-2025-54068, can allow attackers to execute arbitrary commands without any user ...
@CybrPulse
21 Jul 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-54068 Unauthenticated Remote Command Execution in Livewire Framework v3 Up to 3.6.3 https://t.co/Jr776uNhkq
@VulmonFeeds
17 Jul 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54068 Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command … https://t.co/2A75cODfcU
@CVEnew
17 Jul 2025
326 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-54068: CRITICAL] Warning: Vulnerability in Livewire v3 allows remote command execution. Upgrade to v3.6.4 to patch the issue. Exploitation doesn't need authentication or user interaction.#cve,CVE-2025-54068,#cybersecurity https://t.co/yGMOhl3JkQ https://t.co/n2P8kpIoo4
@CveFindCom
17 Jul 2025
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:laravel:livewire:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A81C21A-76FA-4AF1-B265-01730D15D670",
            "versionEndExcluding": "3.6.4",
            "versionStartIncluding": "3.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]