_tthemzdl5678

3 exploits Active since Dec 2025
CVE-2025-55182 GITLAB CRITICAL WORKING POC
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
CVSS 10.0
CVE-2025-54100 GITLAB HIGH WORKING POC
Windows PowerShell - Unauthenticated Command Injection
Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.
CVSS 7.8
CVE-2025-13780 GITLAB CRITICAL SCANNER
pgAdmin < 9.10 - Remote Code Execution via PLAIN-Format Dump File Restore
pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.
CVSS 9.1