
CVE-2025-55182

Meta React Server Components · CRITICAL · CVSS 10 · In the wild · In CISA KEV

What is CVE-2025-55182?

Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025-55182.

CVSS: 10 (NVD 3.1)
Severity: CRITICAL
Exploitation: In the wild, In CISA KEV
Triage status: Active Exploit
Action: Patch immediately
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Meta React Server Components Remote Code Execution Vulnerability

Added to KEV: 2025-12-05
Federal patch deadline: 2025-12-12
Known ransomware use: Known

Affected product

Meta React Server Components

Remediation Steps

  1. Identify all Next.js applications using the React2Shell component
  2. Update the React2Shell dependency to a patched version immediately
  3. Scan application logs for credential theft exploitation attempts
  4. Reset all potentially exposed credentials and API keys
  5. Implement input validation and output encoding for component usage
  6. Deploy Web Application Firewall rules to block exploitation patterns

This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.
