CVE-2025-66478
Published Dec 3, 2025
Last updated 5 months ago
- Description: Rejected reason: This CVE is a duplicate of CVE-2025-55182.
- Source: security-advisories@github.com
- NVD status: Rejected
- Hype score: Not currently trending
Yesterday, the CBN issued an advisory, based on guidance from ngCERT, warning financial institutions about critical vulnerabilities (CVE-2025-55182 and CVE-2025-66478) in React Server Components (versions 19.0 to 19.2) and Next.js (versions 15 to 16) that could allow
@K0val3nt
1 Apr 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) https://t.co/YENru2XfEU
@reverseame
26 Mar 2026
600 Impressions
3 Retweets
1 Like
3 Bookmarks
0 Replies
0 Quotes
A critical vulnerability in React Server Components (CVE-2025-55182) impacts React 19 and frameworks including Next.js (CVE-2025-66478). Protections have been deployed in coordination with industry partners. Upgrade to the latest patched versions immediately. https://t.co/IDLOD
@noahwritescodes
25 Feb 2026
26 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability has been identified in the React Server Components (RSC) protocol | NEXTJS 15, 16 CVE-2025-66478 #cybersecurity https://t.co/PfAyEW9fm4
@declanmidd
5 Feb 2026
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Comprehensive security architecture report: Next.js 16 vulnerability analysis and hardening strategy (CVE-2025-66478) https://t.co/HQzjYNYFpA
@SolanaLinkJP
19 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVSS 10.0 React2Shell masterpiece (CVE-2025-55182 / CVE-2025-66478) in @nextjs turned our client's production server into a 24/7 crypto mining rig in minutes :)))) A month of forensic digging later we discover the miners were politely hiding inside node_modules like Easter eggs
@petsonii
16 Jan 2026
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #AppRouter Maximum Severity Alert: Critical RCE Flaw Hits Next.js (CVE-2025-66478, CVSS 10.0) https://t.co/CkaJZMMtMg
@Komodosec
10 Jan 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Learnt about CVE (Common Vulnerabilities and Exposures) and how they affect older versions of Next.js. While updating a project, I ran into CVE-2025-66478. Keeping frameworks updated isn’t just about features — it’s about security 🔐😲
@GrundeO123
10 Jan 2026
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
This repository was reportedly used as the initial entry point in the compromise of UNAM, exploiting a known vulnerability that was registered on 3 December 2025 (CVE-2025-66478): https://t.co/N6YcZIvVzp It is highly likely that cybercrime actors have ht
@ivancastl
7 Jan 2026
22679 Impressions
70 Retweets
404 Likes
145 Bookmarks
4 Replies
3 Quotes
Dear @TonyRobbins & @deangraziosi I have found a bug in your website https://t.co/8FsVFNkAnJ That allows me to Remote code execution (RCE). This is the critical React2Shell flaw (CVE-2025-66478 / CVE-2025-55182) affecting unpatched Next.js apps – allowing full root shell
@khadafigans_
6 Jan 2026
103 Impressions
1 Retweet
1 Like
0 Bookmarks
1 Reply
0 Quotes
Dear @OfficialB360, I reported an unauthenticated Remote Code Execution vulnerability on your website (https://t.co/WKe1KHPPly) via email This is the critical React2Shell flaw (CVE-2025-66478 / CVE-2025-55182) affecting unpatched Next.js apps – allowing full root shell access
@khadafigans_
4 Jan 2026
327 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Dear @OfficialB360, I reported an unauthenticated Remote Code Execution vulnerability on your website (https://t.co/WKe1KHPPly) via email This is the critical React2Shell flaw (CVE-2025-66478 / CVE-2025-55182) Discover my tools : https://t.co/IJs1ItYjq0 https://t.co/MvFSMHgiwM
@khadafigans_
4 Jan 2026
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 React2Shell RCE Exploit (CVE-2025-66478) is out! 🔥 A critical remote code execution vulnerability exploit for #React apps. Use for authorized testing only! ⚠️ #cybersecurity #infosec #exploit #CVE https://t.co/RRXWcvL61o https://t.co/43Zio4BViw
@TheExploitLab
3 Jan 2026
272 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Just when the gate closed, Vecna slipped back in through code. 💻🧟‍♂️ CVE-2025-66478: one poisoned request, total takeover. ⚠️ Astra detected it. Contained it. But Vecna isn’t gone… yet. 🔍 Episode 3 coming. The real fight begins. #NextJS #StrangerThings #As
@getastra
2 Jan 2026
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recently, a hacking group named PCPcat has been using two vulnerabilities, with the identifiers CVE-2025-29927 and CVE-2025-66478, to break into servers. One of these vulnerabilities relates to the vuln
@AmirHossein_sec
25 Dec 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours A massive credential-theft campaign dubbed PCPcat compromised 59,128 Next.js servers in under 48 hours. The operation exploits critical vulnerabilities CVE-2025-29927 and CVE-2025-66478, achieving a 64.6%
@redhuvivek09
25 Dec 2025
161 Impressions
0 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Operation PCPcat: Credential-Stealing Campaign Hijacks 59,000+ Next.js Servers via React/Next.js RCE A mass exploitation campaign is compromising internet-facing Next.js deployments by chaining CVE-2025-29927 and CVE-2025-66478 for RCE, then scraping high-value secrets (.env
@ThreatSynop
25 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
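59,128 Next.js servers were hacked in 48 hours. Reported by Beelzebub. A chain of CVE-2025-29927 and CVE-2025-66478. The attack success rate was 64.6%. Investigated through reconnaissance of the C2 server. The activity was named Operation PCPcat. https://t.co/FIwX4EOrYX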
@__kokumoto
24 Dec 2025
3471 Impressions
14 Retweets
46 Likes
16 Bookmarks
0 Replies
1 Quote
#threatreport #LowCompleteness Original Paper | React2Shell Exploit Analysis Report | 20-12-2025 Source: https://t.co/xgDGbMYGNm Key details below ↓ 💀Threats: React2shell_vuln, 🎯Victims: Technology sector 🌐Geo: China, Germany 🔓CVEs: CVE-2025-66478 https://t.co/X
@rst_cloud
23 Dec 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
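[Urgent] Severity 10 vulnerability found in React and Next.js... Remote code execution possible without authentication. The worst bug, ‘CVSS 10.0’, brought on by an RCS deserialization flaw. Breached even with default settings... The flaw is designated CVE-2025-55182. Next.js applicati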
@gptkim33
23 Dec 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL ALERT: Fix the Next.js RCE Now! (CVE-2025-66478) If your company runs Next.js (App Router) in production, stop now. CVE-2025-66478 is a level 10 RCE. Basically, it hands over the key to the server. https://t.co/qQNM0AiX1e I just released a techn
@pedrofrei4s
22 Dec 2025
21 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
Apparently most of SF’s power grid was running on a vulnerable version of Next.js and now the entire city’s power supply is being used to mine Monero. This is your sign to upgrade immediately. CVE-2025-66478 takes no prisoners. https://t.co/Qh4v6I6mVx
@michael_chomsky
21 Dec 2025
2628 Impressions
4 Retweets
32 Likes
4 Bookmarks
2 Replies
0 Quotes
A server owner learned the hard way that "I don't use Next.js" doesn't guarantee safety. Their server was found mining cryptocurrency, exploited via an analytics tool due to a critical Next.js vulnerability (CVE-2025-66478). 1/5
@liqilin3
18 Dec 2025
29 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 New Outbreak Alert: Critical unauthenticated RCE (#React2Shell) actively exploited in the wild, impacting React Server Components and vulnerable Next.js implementations (CVE-2025-55182, CVE-2025-66478). 🔗 Get full details and mitigation guidance: https://t.co/dnn9XFGKEh
@FortiGuardLabs
17 Dec 2025
262 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
react2shell #exploit #scanner A CLI tool to exploit prototype pollution vulnerabilities in React Server Components / Server Actions (CVE-2025-55182 & CVE-2025-66478), enabling remote code execution (RCE) on vulnerable servers. https://t.co/LCO0fnt4pO
@TheExploitLab
17 Dec 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
React2Shell #exploit An advanced command-line framework for discovery, validation, and exploitation of CVE-2025-55182 and CVE-2025-66478 affecting Next.js applications using React Server Components (RSC). https://t.co/1JtUXwLfg4
@TheExploitLab
17 Dec 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-66478-Exploit-PoC #exploit Proof-of-concept exploit demo for CVE-2025-66478 using Node.js https://t.co/OMpRGwe90P
@TheExploitLab
17 Dec 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔐 Don’t hack me, please! 🙏✨ > bunx fix-react2shell-next 🛡️ fix-react2shell-next — Next.js vulnerability scanner A quiet guardian, checking the seams of your code 🌙 🔍 Scanning for 4 known vulnerabilities: 🚨 CVE-2025-66478 (critical): Remote code ex
@racheltnguyen
16 Dec 2025
58 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
PCPcat malware compromises 59,000+ servers in under 48 hours via React2Shell exploit, abusing .js/React RCE flaws CVE-2025-29927 and CVE-2025-66478 for unauthenticated remote code execution. #Malware https://t.co/3iSPlAiBTl
@threatcluster
15 Dec 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Anyone else hitting this on Vercel? ⚠️ Vulnerable version of Next.js detected (CVE-2025-66478). Fix that worked for me: npx fix-react2shell-next Curious who else ran into this https://t.co/pn98maulPz
@Tushar_Jsx
15 Dec 2025
112 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
0G Foundation hit by breach via critical .js flaw CVE-2025-66478 on Dec 5 2025, with 520,010 $0G drained through the reward contract emergency withdrawal and bridged across platforms. #DeFi https://t.co/tZ7HBUxHbg
@threatcluster
13 Dec 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 React Server Components: 3 New CVEs Surface After React2Shell React2Shell (CVE-2025-55182 + CVE-2025-66478) spawned three more RSC vulnerabilities within days. CVE-2025-55183 leaks server-side source code including secrets when attackers coerce Server Functions to return
@the_c_protocol
13 Dec 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
React2Shell (CVE-2025-55182, CVE-2025-66478): Burp supports scanning for it, but I don't have time to look at how the detection works https://t.co/dppOQySCIZ
@__kokumoto
13 Dec 2025
3582 Impressions
3 Retweets
24 Likes
13 Bookmarks
0 Replies
0 Quotes
Looks important 😨 ⚠️ CVE Update: CVE-2025-66478 is officially a duplicate of CVE-2025-55182. Same root cause: Both stem from same vulnerability. Not a false positive: Detections for 66478 remain valid. Canonical ID: Use CVE-2025-55182 moving forward. Read https://t.co/KbVX
@InfoSecSherpa
12 Dec 2025
205 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[Next.js] As a CVE-2025-66478 countermeasure, I just ran npx fix-react2shell-next for now | div.sawa https://t.co/xW1bL8x2Hw #zenn
@yousukezan
11 Dec 2025
753 Impressions
0 Retweets
4 Likes
5 Bookmarks
0 Replies
0 Quotes
Recently, the core React team at Meta and the Next.js team at Vercel jointly announced two Critical security vulnerabilities: CVE-2025-55182 (React) and CVE-2025-66478 (Next.js). Both vulnerabilities have a maximum CVSS score of 10. Click the link to learn about Alibaba Cloud’
@alibaba_cloud
11 Dec 2025
6415 Impressions
4 Retweets
13 Likes
2 Bookmarks
2 Replies
0 Quotes
React2shell detection payload by @assetnote team (CVE-2025-55182 & CVE-2025-66478) #bugbounty #bugbountytips #infosec https://t.co/UctlZp2SGT
@viehgroup
11 Dec 2025
1706 Impressions
3 Retweets
38 Likes
15 Bookmarks
0 Replies
0 Quotes
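Advisory on vulnerabilities affecting React Server Components (RSC) 📢 The remote code execution (RCE) vulnerabilities CVE-2025-55182 and CVE-2025-66478, which affect RSC, have been announced. Support information for each platform and WafCharm's resp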
@WafCharm_JP
11 Dec 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
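On a service we run on NextJS, separate from our app, where we hadn't gotten around to applying the fix, CVE-2025-66478 was used to run mining on it and our GoogleCloud project was suspended, so please be careful, everyone 🫠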
@BySho2Team
10 Dec 2025
38 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Why CVE-2025-55182 and CVE-2025-66478 Demand Immediate Attention: Over the past decade, some of the most damaging cyber incidents were caused not by zero-days, but by publicly disclosed CVEs that organizations failed to patch in time. We are now witnessing a similar pattern: ht
@vigneshk_07
10 Dec 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
There’s a new React vulnerability making waves right now (CVE-2025-55182 / CVE-2025-66478). It affects React Server Components and certain Next.js versions, leading to a pretty serious RCE vector if you’re running the wrong setup. To help devs quickly check their apps, I bu
@SoloHacker47
10 Dec 2025
305 Impressions
0 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE flaws CVE-2025-55182 & CVE-2025-66478 put React/Next.js apps at risk. No auth required for data theft. Barracuda Application Protection provides automatic defense & real-time updates. #BarracudaONEplatform #React2Shell #ApplicationProtectio #@barracuda
@loophold
10 Dec 2025
133 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Next.js [—] Dec 10, 2025 Comprehensive Security Advisory on Critical RCE Vulnerabilities (CVE-2025-55182/CVE-2025-66478) Impacting Next.js and Associated Server-Side Ecosystem Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/zXVr9fFYTE
@transilienceai
10 Dec 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/hqIG7KV4ef CVE-2025-66478 addresses a security vulnerability in Next.js that could potentially allow unauthorized access to sensitive information or allow attackers to manipulate applications built using the framework. #Developers #React #Nextjs
@AyushSahay19
9 Dec 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fixed your Next.js app for CVE-2025-66478 yet? Run this to check if you’re vulnerable: npx fix-react2shell-next https://t.co/nkbELln0jl https://t.co/764iL9Nayf
@srbcode
9 Dec 2025
77 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-66478 & CVE-2025-55182 - Next.js RSC RCE Risk Two critical Next.js vulnerabilities in Server Components create path to remote code execution. CVE-2025-66478 lets attackers inject malicious React elements via tainted props. CVE-2025-55182 is server-side request
@the_c_protocol
9 Dec 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Next.js/RSC 10/10 VULNS are live! I'm @yz9yt. Use ReactHunter: the advanced scanner for bulk testing & specific exploits (CVE-2025-66478 bypass). Scan your apps now:👉 https://t.co/iqYX73WRDo #RSC #NextJS #infosec #bugbounty
@yz9yt
9 Dec 2025
240 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Heard so many people on X got attacked via CVE-2025-66478; most of them are just lying, since most @nextjs .js apps are hosted on @vercel. If they're not hosted on Vercel, those teams have scale to mitigate this risk themselves. The Vercel team handled it fairly well. Opinions?
@taheerBuilds
9 Dec 2025
98 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes