VERY IMPORTANT

CVE-2025-55182, also known as React2Shell, is a critical pre-authentication remote code execution vulnerability affecting React Server Components and related frameworks. With a CVSS score of 10.0, it allows attackers to execute arbitrary code on vulnerable servers through a single malicious HTTP request. Exploitation has been detected since December 5, 2025, primarily in red team assessments but also in real-world attacks delivering coin miners. The vulnerability stems from a failure to validate incoming payloads in React Server Components, enabling attackers to inject malicious structures leading to prototype pollution and remote code execution. Post-exploitation activities include running reverse shells, achieving persistence, evading security defenses, and attempting lateral movement to cloud resources.