Critical Vulnerability

Next.js RSC/Server Actions RCE Scanner

CVE-2025-55182

This scanner detects the critical Remote Code Execution (RCE) vulnerability affecting Next.js applications using React Server Components (RSC) and Server Actions. Attackers can exploit this vulnerability to execute arbitrary code on vulnerable servers.

Vulnerability Details

Type: Remote Code Execution (RCE)
Affected: Next.js applications with Server Actions enabled
Scan Time: Results delivered within minutes

How Detection Works

Our scanner sends a specially crafted payload to detect if the target application is vulnerable to prototype pollution attacks via Server Actions. The test is non-destructive and only checks for vulnerability indicators in the response.

Based on Assetnote Security Research

CVE-2025-55182 Resources

NVD: Official CVE Details
Vercel: Official Changelog & Advisory
React2Shell: Vulnerability Research & PoC
GitHub: React Security Advisory

Next.js RSC/Server Actions RCE Scanner

Vulnerability Details

How Detection Works

CVE-2025-55182 Resources

Start Free Scan

Next.js RSC/Server Actions RCE Scanner

Vulnerability Details

How Detection Works

CVE-2025-55182 Resources

Start Free Scan