1. Home
  2. Vulnerabilities
  3. CVE-2025-66478
0.0
NA
CVE-2025-66478
Apache Struts Remote Code Execution Vulnerability
Description

Rejected reason: This CVE is a duplicate of CVE-2025-55182.

INFO

Published Date :

Dec. 3, 2025, 6:15 p.m.

Last Modified :

Dec. 3, 2025, 6:15 p.m.

Remotely Exploit :

No

Source :

[email protected]
Affected Products

The following products are affected by CVE-2025-66478 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Vercel next.js
: Total Affected Vendor : 1 | Products : 1
Solution
Apply security patches and updates from the vendor to fix the vulnerability.
  • Apply vendor security patches.
  • Update the affected software.
  • Review system configurations.
Public PoC/Exploit Available at Github

CVE-2025-66478 has a 365 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
rootandbeer/react2shell

None

Shell Python Dockerfile TypeScript CSS JavaScript

Updated: 5 hours, 42 minutes ago
0 stars 0 fork 0 watcher
Born at : Jan. 1, 2026, 2:17 a.m. This repo has been linked 2 different CVEs too.
Profile Photo
Goultarde/CVE-2025-55182-React2Shell-Lab

None

Dockerfile TypeScript JavaScript CSS Python

Updated: 17 hours, 13 minutes ago
0 stars 0 fork 0 watcher
Born at : Dec. 31, 2025, 2:20 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
NAYLINNU/CVE-2025-66478

None

Updated: 1 day, 1 hour ago
0 stars 0 fork 0 watcher
Born at : Dec. 31, 2025, 6:32 a.m. This repo has been linked 1 different CVEs too.
Profile Photo
PabloVasi23/suplementos-noroeste-tuc

None

JavaScript TypeScript CSS

Updated: 13 hours, 36 minutes ago
0 stars 0 fork 0 watcher
Born at : Dec. 30, 2025, 9:38 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
hndko/react2shell-rce-autobot

🎯 Automated vulnerability scanner for React2Shell RCE - Google dorking + safe detection for CVE-2025-55182/CVE-2025-66478 (CVSS 10.0)

Python

Updated: 1 day, 17 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 30, 2025, 3:12 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
git0xLai/React2ShellPoC

This repository provides a proof-of-concept for CVE-2025-55182 (React2Shell), a remote code execution vulnerability in React Server Components. It demonstrates how the exploit works, including the payload and impact.

Updated: 20 hours, 23 minutes ago
0 stars 0 fork 0 watcher
Born at : Dec. 30, 2025, 11:44 a.m. This repo has been linked 2 different CVEs too.
Profile Photo
2flyfish/cves

None

Python HTML

Updated: 1 day, 22 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 30, 2025, 7:08 a.m. This repo has been linked 83 different CVEs too.
Profile Photo
DevilDraco-Phoenix/React-Shell

None

Python

Updated: 4 days, 5 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 28, 2025, 3 a.m. This repo has been linked 2 different CVEs too.
Profile Photo
follow-prince/RSC-Scanner-Toolkit

None

Python

Updated: 4 days, 13 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 27, 2025, 6:39 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
Muskan255/gentellesse

None

JavaScript TypeScript

Updated: 3 days, 12 hours ago
3 stars 0 fork 0 watcher
Born at : Dec. 27, 2025, 6 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
staruhub/Healthapp

One lightweight health app

Python Mako TypeScript CSS JavaScript

Updated: 1 day, 6 hours ago
13 stars 2 fork 2 watcher
Born at : Dec. 27, 2025, 3:16 a.m. This repo has been linked 4 different CVEs too.
Profile Photo
pthanh/storyteller-platform-mirrored-from-gitlab

storyteller-platform-mirrored-from-gitlab

Shell JavaScript Dockerfile TypeScript Nix CSS Kotlin Swift Ruby C

Updated: 6 days, 4 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 26, 2025, 2:54 a.m. This repo has been linked 1 different CVEs too.
Profile Photo
sobuj0007/Nextjs_RCE_Exploit_Tool

🔍 Exploit CVE-2025-55182 in Next.js with this versatile tool for security research, featuring advanced payloads and WAF bypass techniques.

Go

Updated: 3 days, 2 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 25, 2025, 7:28 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
thedarckpassenger/Next.js-RSC-RCE-Scanner-CVE-2025-66478

🔍 Scan Next.js apps for CVE-2025-66478 vulnerability detection with this command-line tool, ensuring your applications remain secure and unaffected.

cve cve-2025-55182 cve-2025-66478 cve-scanning cybersecurity nextjs penetration-testing rce react-server-components security-scanner vulnerability-scanner

Updated: 6 days, 13 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 25, 2025, 7:01 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
pthanh/storyteller-platform-gitlab

a mirror of storyteller-platform-gitlab

Shell JavaScript Dockerfile TypeScript Nix Kotlin Swift Ruby C CSS

Updated: 6 days, 18 hours ago
0 stars 0 fork 0 watcher
Born at : Dec. 25, 2025, 8:09 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-66478 vulnerability anywhere in the article.

  • The Cyber Express
59,000 Servers Breached: Operation PCPcat Targets React and Next.js at Internet Scale

A large-scale cyber espionage operation known as Operation PCPcat has shaken the modern web infrastructure, compromising more than 59,000 servers in just 48 hours. The campaign targets systems built o ... Read more

Published Date: Dec 24, 2025 (1 week ago)
  • CybersecurityNews
Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours

A massive credential-theft campaign dubbed PCPcat compromised 59,128 Next.js servers in under 48 hours. The operation exploits critical vulnerabilities CVE-2025-29927 and CVE-2025-66478, achieving a 6 ... Read more

Published Date: Dec 24, 2025 (1 week, 1 day ago)
  • Daily CyberSecurity
Operation PCPcat: 60,000 Next.js Servers Hijacked in Just 48 Hours

A highly automated and ruthlessly efficient cyber-espionage campaign is tearing through the cloud infrastructure of modern web applications, leaving tens of thousands of compromised servers in its wak ... Read more

Published Date: Dec 24, 2025 (1 week, 1 day ago)
  • CybersecurityNews
Cybersecurity Weekly Recap – PornHub Breach, Cisco 0-Day, Amazon Detains DPRK IT Worker, and more

In a week that revealed the flaws in digital trust, cybersecurity headlines were filled with high-profile breaches, zero-day exploits, and bold nation-state espionage. Attackers claimed to have swiped ... Read more

Published Date: Dec 21, 2025 (1 week, 3 days ago)
  • The Hacker News
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT ... Read more

Published Date: Dec 16, 2025 (2 weeks, 2 days ago)
  • CybersecurityNews
New PCPcat Exploiting React2Shell Vulnerability to compromise 59,000+ Servers

A new malware campaign called PCPcat has successfully compromised more than 59,000 servers in under 48 hours through targeted exploitation of critical vulnerabilities in Next.js and React frameworks. ... Read more

Published Date: Dec 15, 2025 (2 weeks, 2 days ago)
  • BleepingComputer
Google links more Chinese hacking groups to React2Shell attacks

​Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity "React2Shell" remote code execution vulnerability. Tracked as C ... Read more

Published Date: Dec 15, 2025 (2 weeks, 2 days ago)
  • The Register
New React vulns leak secrets, invite DoS attacks

If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Se ... Read more

Published Date: Dec 12, 2025 (2 weeks, 5 days ago)
  • Google Cloud
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)

Written by: Aragorn Tseng, Robert Weiner, Casey Charrier, Zander Work, Genevieve Stark, Austin Larsen Introduction On Dec. 3, 2025, a critical unauthenticated remote code execution (RCE) vulnerability ... Read more

Published Date: Dec 12, 2025 (2 weeks, 5 days ago)
  • The Register
Half of exposed React servers remain unpatched amid active exploitation

Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters rangi ... Read more

Published Date: Dec 12, 2025 (2 weeks, 5 days ago)
  • Daily CyberSecurity
“React2Shell” Crisis: Critical Vulnerability Triggers Global Cyberattacks by State-Sponsored Groups

A critical security flaw in the popular React web framework has ignited a wave of cyberattacks, with state-sponsored actors and cybercriminals rushing to exploit the vulnerability before organizations ... Read more

Published Date: Dec 11, 2025 (3 weeks ago)
  • CybersecurityNews
Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities

PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE- ... Read more

Published Date: Dec 09, 2025 (3 weeks, 2 days ago)
  • Huntress
PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182

TL;DR: Huntress is seeing threat actors exploit a vulnerability in React Server Components (CVE-2025-55182) across several organizations in our customer base. Attackers have attempted to deploy crypto ... Read more

Published Date: Dec 09, 2025 (3 weeks, 2 days ago)
  • CybersecurityNews
Next.js Released a Scanner to Detect and Update Apps Impacted by React2Shell Vulnerability

A dedicated command-line tool, fix-react2shell-next, to help developers immediately detect and patch the critical “React2Shell” vulnerability (CVE-2025-66478). This new scanner offers a one-line solut ... Read more

Published Date: Dec 08, 2025 (3 weeks, 3 days ago)
  • nextron-systems.com
React Server Components & Next.js Vulnerabilities – Status of Nextron Products

Over the past days, many of our customers have seen reports about a critical remote code execution vulnerability in React Server Components (CVE-2025-55182) and the related Next.js vulnerability (CVE- ... Read more

Published Date: Dec 07, 2025 (3 weeks, 3 days ago)
  • SentinelOne
From React to Remote Code – Protecting Against the Critical React2Shell RCE Exposure

A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code attac ... Read more

Published Date: Dec 05, 2025 (3 weeks, 5 days ago)
  • SentinelOne
From React to Remote Code – Protecting Against the Critical React2Shell RCE Exposure

A critical remote code execution (RCE) vulnerability, dubbed ‘React2Shell’, affecting React Server Components (RSC) and Next.js, is allowing unauthenticated attackers to perform server-side code attac ... Read more

Published Date: Dec 05, 2025 (3 weeks, 5 days ago)
  • SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 49

The Good | Authorities Jail WiFi Hacker, Seize €1.3B Crypto Mixer & Charge Two Malicious Insiders An Australian national has received just over seven years in prison for running “evil twin” WiFi netwo ... Read more

Published Date: Dec 05, 2025 (3 weeks, 5 days ago)
  • SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 49

The Good | Authorities Jail WiFi Hacker, Seize €1.3B Crypto Mixer & Charge Two Malicious Insiders An Australian national has received just over seven years in prison for running “evil twin” WiFi netwo ... Read more

Published Date: Dec 05, 2025 (3 weeks, 5 days ago)
  • The Hacker News
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability

Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) ... Read more

Published Date: Dec 05, 2025 (3 weeks, 5 days ago)

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-66478 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by [email protected]

    Dec. 03, 2025

    Action Type Old Value New Value
  • New CVE Received by [email protected]

    Dec. 03, 2025

    Action Type Old Value New Value
    Added Description Rejected reason: This CVE is a duplicate of CVE-2025-55182.
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.