CVE-2025-55184

This repository contains a professional-grade exploitation framework for CVE-2025-55184, a high-severity Denial of Service (DoS) vulnerability affecting React Server Components (RSC) implementations. The tool includes multiple attack modes, WAF bypass techniques, and a sustained attack feature.

The repository contains a scanner for CVE-2024-21762, a Fortinet SSL VPN vulnerability, which checks for the presence of the vulnerability by sending crafted HTTP requests. It includes Python scripts to test individual hosts or lists of IPs for vulnerability status.

This repository contains a Python-based scanner for detecting CVE-2025-55184, a DoS vulnerability in React Server Components. The tool sends a crafted payload to the `/_rsc` endpoint and measures response time to determine vulnerability.

The PoC demonstrates a DoS vulnerability in Next.js and Waku by sending a malformed multipart request with a specific payload. The exploit triggers a crash in the target application by leveraging improper handling of the multipart form data.

This repository contains a Python-based scanner for CVE-2025-55184, a DoS vulnerability in React Server Components caused by malformed RSC payloads leading to infinite resolution loops. The tool sends a crafted JSON payload to the target endpoint and checks for delays or timeouts indicative of vulnerability.

This repository contains a frontend UI for OpsGuard, a simulation dashboard designed to visualize an autonomous SRE agent's workflow. It includes setup instructions, feature descriptions, and customization details but does not contain exploit code or offensive techniques.

The repository contains a Python-based scanner for detecting CVE-2025-55184, targeting potential vulnerabilities in frameworks like Next.js, Waku, and Remix. It includes fingerprinting, WAF bypass techniques, and payload testing but lacks actual exploit code for achieving RCE or other offensive actions.

This repository contains a proof-of-concept exploit for CVE-2025-55184 and CVE-2025-67779, targeting React Flight Server with a DoS attack via crafted cyclic references in server components. The exploit triggers an infinite loop by pre-initializing a cycle (B -> C -> B) before accessing the victim chunk (A).

The repository lacks actual exploit code and instead directs users to download a script from an external release page. The README is vague, lacks technical details about CVE-2025-55184, and uses marketing language typical of social engineering lures.

This repository provides a minimal intentionally vulnerable Next.js environment to test security scanners against CVE-2025-55182, a critical RCE vulnerability affecting React Server Components. It includes a PoC HTTP payload for exploiting the deserialization flaw in vulnerable versions of Next.js and React.

This Go-based exploit sends multiple concurrent HTTP POST requests with a malformed multipart form to trigger a DoS condition in the target software. The payload `$@0` is sent in a file part, which appears to exploit a parsing vulnerability.

The repository contains a Python script designed to scan for CVE-2025-55184, a DoS vulnerability in React Server Components. It sends a crafted payload to the `/_rsc` endpoint and checks for excessive response time or timeout, indicating potential vulnerability.

This repository provides a comprehensive technical analysis of CVE-2025-55184, detailing its root cause, exploitation mechanism, and impact. It includes documentation, exploit code, and a scanner for detection.