Exploitation Summary
EIP tracks 7 public exploits for CVE-2025-55183. PoCs published by williavs, kimtruth, StealthMoud.
AI-analyzed exploit summary: This repository provides a script to automate the patching of Next.js applications affected by CVE-2025-55183 (Source Code Exposure) and related vulnerabilities. It uses the official Vercel fix tool to scan and update dependencies across GitHub repositories.
Description
An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. A specifically crafted HTTP request sent to a vulnerable Server Function may unsafely return the source code of any Server Function. Exploitation requires the existence of a Server Function which explicitly or implicitly exposes a stringified argument.
Exploits (7)
This repository provides a script to automate the patching of Next.js applications affected by CVE-2025-55183 (Source Code Exposure) and related vulnerabilities. It uses the official Vercel fix tool to scan and update dependencies across GitHub repositories.
This repository provides a Nuclei template for detecting CVE-2025-55183, a source code disclosure vulnerability in Next.js React Server Components (RSC) / Server Actions. The vulnerability allows attackers to retrieve server-side JavaScript source code via crafted HTTP requests.
This repository contains a working proof-of-concept for CVE-2025-55183 (source code exposure) and CVE-2025-55184 (denial of service) in React Server Components. It includes a vulnerable application, scanner, and exploit scripts for both vulnerabilities.
This PoC exploits a source code disclosure vulnerability in Next.js React Server Components (RSC) by crafting a malicious HTTP request to leak server function source code. It automates the discovery of JavaScript chunks, extraction of action IDs, and exploitation via a multipart/form-data payload.
The repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and functional code.
This repository contains a scanner for CVE-2025-55183, which exploits a vulnerability in React Server Functions to expose source code and secrets. The scanner extracts Server Action IDs and sends crafted POST requests to trigger the vulnerability.
This repository contains a Python-based scanner for detecting CVE-2025-55183, a Next.js React Server Components (RSC) source code disclosure vulnerability. The scanner automates the discovery of vulnerable endpoints by extracting JavaScript chunk paths and server action IDs, then testing for source code leakage via malicious requests.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N