CVE-2025-55182

Overview

Meta
react-server-dom-webpack

03 Dec 2025

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

66.27%

MITRE

KEV

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

7 Posts
2 Interactions

Last activity: 2 hours ago

Fediverse

jbz @jbz

⚠️ Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

｢ The campaign is assessed to be targeting Next.js applications that are vulnerable to CVE-2025-55182 (CVSS score: 10.0), a critical flaw in React Server Components and Next.js App Router that could result in remote code execution, for initial access, and then dropping the NEXUS Listener collection framework ｣

https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html

#nextjs #infosec #react2shell #CVE202555182

0
0
0
2h ago

Bluesky

ReconBee @reconbee.bsky.social

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts Steal Credentials reconbee.com/hackers-expl... #hackers #Nextjs #credentials #cybersecurity #cyberattack

0
1
0
16h ago

Undercode Testing @undercode.bsky.social

React2Shell Unleashed: 700+ Nextjs Servers Hacked in Massive Credential Harvesting Campaign + Video Introduction: A critical remote code execution (RCE) vulnerability in React Server Components, tracked as CVE-2025-55182 and codenamed "React2Shell", has been actively exploited by the threat actor…

0
1
0
6h ago

Ninja Owl @ninjaowl.ai

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
23h ago

キタきつね @kitafox.bsky.social

ハッカーがCVE-2025-55182を悪用し、Next.jsホスト766台に侵入、認証情報を盗み出す Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials #HackerNews (Apr 2) thehackernews.com/2026/04/hack...

0
0
0
23h ago

tamosan @tamosan.bsky.social

シークレット等がんがん盗まれているようす：Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html

0
0
0
23h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Hackers exploited CVE-2025-55182 (React2Shell) to breach 766 Next.js hosts, deploying NEXUS Listener to steal database credentials, SSH keys, and cloud tokens. Impact spans multiple regions and cloud providers. #NextjsBreach #CredentialTheft

0
0
0
14h ago

CVE-2026-33579

Overview

OpenClaw
OpenClaw

31 Mar 2026

Published

02 Apr 2026

Updated

CVSS v4.0

HIGH (8.6)

EPSS

0.01%

MITRE

KEV

Description

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes including admin access by exploiting the missing scope validation in extensions/device-pair/index.ts and src/infra/device-pairing.ts.

Statistics

3 Posts
22 Interactions

Last activity: 2 hours ago

Fediverse

Dan Goodin @dangoodin

I'm trying to understand a bit more about CVE-2026-33579, the critical vulnerability in OpenClaw. To exploit, an attacker needs low-level paring privilege permissions. How does one acquire such privileges? Can anyone do it? I'm asking because I want to understand what's required for an attacker to exploit.

Feel free to ping me at DanArs.82, or drop an answer here.

10
10
0
4h ago

nyanbinary @nyanbinary

Also, is it possible the github commit links for the patch for CVE-2026-33579 are... just wrong? That commit doesnt really seem to match the description? (Didnt fully check it yet)

0
1
0
4h ago

jesterchen42 @jesterchen

@masek Thanks for the screenshot and the reference to CVE-2026-33579 - the reddit comment has been removed. 🙏

0
1
0
2h ago

CVE-2026-3502

Overview

TrueConf
TrueConf Client

30 Mar 2026

Published

03 Apr 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

1.22%

MITRE

KEV

Description

TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

Statistics

3 Posts

Last activity: 19 hours ago

Fediverse

𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

Geopolitical tensions escalate between Algeria and Morocco, impacting European security and energy stability. In technology, IBM and Arm announced a strategic collaboration on new dual-architecture hardware for future AI and data-intensive workloads. On the cybersecurity front, CISA added a new exploited vulnerability (CVE-2026-3502) to its catalog, while L.A. Metro confirmed a mid-March hack, with systems still being restored.

#AnonNews_irc #Cybersecurity #News

0
0
0
19h ago

Bluesky

キタきつね @kitafox.bsky.social

CISAが既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Apr 2) CVE-2026-3502 TrueConfクライアントにおける整合性チェックなしのコードダウンロードの脆弱性 www.cisa.gov/news-events/...

0
0
0
23h ago

ohhara @shiojiri.com

CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability

0
0
0
19h ago

CVE-2026-5281

Overview

Google
Chrome

01 Apr 2026

Published

02 Apr 2026

Updated

CVSS

Pending

EPSS

3.03%

MITRE

KEV

Description

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Statistics

3 Posts
3 Interactions

Last activity: 17 hours ago

Fediverse

Deskmodder @Deskmodder

Microsoft Edge 146.0.3856.97 korrigiert 17 Sicherheitslücken inkl. CVE-2026-5281 als Exploit

https://www.deskmodder.de/blog/2026/04/03/microsoft-edge-146-0-3856-97-korrigiert-17-sicherheitsluecken-inkl-cve-2026-5281-als-exploit/

2
1
1
17h ago

Bluesky

ohhara @shiojiri.com

CVE-2026-5281 Google Dawn Use-After-Free Vulnerability

0
0
0
19h ago

CVE-2025-70951

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

3 Posts

Last activity: 3 hours ago

Bluesky

/r/netsec @r-netsec-bot.bsky.social

New RCE in Control Web Panel (CVE-2025-70951)

0
0
1
14h ago

WarthogTK @warthogtk.bsky.social

Remote code execution in CentOS Web Panel - CVE-2025-70951 fenrisk.com/rce-centos-w...

0
0
0
3h ago

CVE-2026-20093

Overview

Cisco
Cisco Enterprise NFV Infrastructure Software

01 Apr 2026

Published

02 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.03%

MITRE

KEV

Description

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.

Statistics

2 Posts
2 Interactions

Last activity: 10 hours ago

Bluesky

Help Net Security @helpnetsecurity.com

Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093) 🔗 Read more: www.helpnetsecurity.com/2026/04/03/c... #vulnerability #securityupdate #cybersecurity

1
1
0
10h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Cisco patches two critical flaws: an IMC auth bypass (CVE-2026-20093) allowing password changes, and an SSM On-Prem remote code execution (CVE-2026-20160). Both score 9.8 CVSS with no workaround. #Cisco #RemoteExploit #USA

0
0
0
15h ago

CVE-2026-26928

Overview

Krajowa Izba Rozliczeniowa
SzafirHost

02 Apr 2026

Published

02 Apr 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.02%

MITRE

KEV

Description

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed by the vendor. The application doesn't verify hash or vendor's digital signature of uploaded DLL, SO, JNILIB or DYLIB file. The attacker can provide malicious file which will be saved in users /temp folder and executed by the application. This issue was fixed in version 1.1.0.

Statistics

1 Post
3 Interactions

Last activity: 13 hours ago

Fediverse

Bezpieka Nadaje @bezpieka

Ciekawy błąd, 0/1 click RCE w oprogramowaniu związanym z Szafir/KIR służącym do elektronicznych podpisów, używanym przez 900k użytkowników.
Tldr: wchodzisz w link, (niekoniecznie) klikasz "ok" w zespoofowanym okienku, dostajesz malware.
Research: Michał Leszczyński
https://www.cve.org/CVERecord?id=CVE-2026-26928

3
0
0
13h ago

CVE-2026-21643

Overview

Fortinet
FortiClientEMS

06 Feb 2026

Published

31 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.07%

MITRE

KEV

Description

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

1 Post
1 Interaction

Last activity: 6 hours ago

Fediverse

elhacker.NET @elhackernet

Vulnerabilidad SQLi está siendo explotada en Fortinet FortiClient EMS (CVE-2026-21643)

https://blog.elhacker.net/2026/04/vulnerabilidad-sqli-esta-siendo.html

0
1
0
6h ago

CVE-2026-22812

Overview

anomalyco
opencode

12 Jan 2026

Published

13 Jan 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

3.55%

MITRE

KEV

Description

OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216.

Statistics

1 Post

Last activity: Last hour

Bluesky

今日視界 @g0rosato.bsky.social

【成功復現】OpenCode遠程代碼執行漏洞(CVE-2026-22812)

0
0
0
Last hour

CVE-2026-33105

Overview

Microsoft
Azure Kubernetes Service

02 Apr 2026

Published

03 Apr 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

0.05%

MITRE

KEV

Description

Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

Vito Botta @vitobotta

CVE-2026-33105 hits Azure Kubernetes Service with CVSS 10.0. Unauthenticated remote privilege escalation - Microsoft patched it but check your AKS clusters. Critical severity, no user interaction required.

0
0
0
10h ago