Rapid7
@rapid7.com
Rapid7 can help you command your attack surface, smash silos, stay steps ahead of attackers, and take breaches from “inevitable” to preventable. Rapid7 technology, services, and research give organizations around the world control.

🔗: rapid7.com
What happens when stolen credit card data is sold like a service? 💳

Dump shops have evolved into carding-as-a-service (CaaS) marketplaces bundling stolen card data, tools, and support.

A new blog explores how these illegal marketplaces operate: https://r-7.co/463WvAF
February 12, 2026 at 2:28 PM
For February’s #PatchTuesday, Microsoft published 55 vulnerabilities.

6 are already being exploited in the wild, and 3 were publicly disclosed before patches were released. Here's what to know before you patch: https://r-7.co/4rcV1fX
February 11, 2026 at 9:13 PM
Each week, headlines warn of AI-driven jailbreaks, agents gone rogue, and LLM-enabled cybercrime – raising important questions, but rarely answering the most basic one:

What does the attack surface of today's AI systems actually look like? Rapid7's Christiaan Beek ran the numbers: r-7.co/4r9aq0B
Measuring AI Security: What MCP Exposure Really Shows
Real-world research into AI security risk using Model Context Protocol servers, separating measurable exposure from fear-driven narratives.
February 10, 2026 at 6:14 PM
🚨 On 2/6/26, #BeyondTrust disclosed a critical RCE vulnerability affecting its Remote Support (RS) and Privileged Remote Access (PRA) products.

The flaw has been assigned CVE-2026-1731 and a near-maximum CVSSv4 score of 9.9.

More in the Rapid7 blog: r-7.co/4arAjln
CVE-2026-1731: Critical Unauthenticated Remote Code Execution in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
February 9, 2026 at 6:47 PM
Your Friday reading sorted: Rapid7's findings around the 'Chrysalis' backdoor & Notepad++ compromise made their media rounds this week.

Dive into some of the top pieces below:
🗞️ Reuters: r-7.co/4qhvpNH
🗞️ TechCrunch: r-7.co/4tcjuTQ
🗞️ BleepingComputer: r-7.co/4kkDEHp
🗞️ The Hacker News: r-7.co/4cfkgJD
February 6, 2026 at 4:00 PM
After publishing our analysis of the Chrysalis backdoor (and Notepad++ compromise), customers & security teams had questions.

👉 Find an FAQ rundown in our latest blog, plus a link to Christiaan Beek's "Inside Chrysalis" session, now available on demand: r-7.co/3MrkJxZ
Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next
When Rapid7 published its analysis of the Chrysalis backdoor linked to a compromise of Notepad++ update infrastructure, it raised understandable questions from customers and security teams. Find answe...
February 5, 2026 at 3:02 PM
🔎 Rapid7 Labs, alongside our MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group #LotusBlossom.

Find a deep technical analysis of the custom backdoor 'Chrysalis', Notepad++, Warbird, and more in our latest blog: r-7.co/4kaerPA
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit
Rapid7 Labs, together with the Rapid7 MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group Lotus Blossom.
February 2, 2026 at 6:17 PM
🚨 On 1/29/26, #Ivanti disclosed 2 new critical vulnerabilities affecting Endpoint Manager Mobile (EPMM): CVE-2026-1281 & CVE-2026-1340.

The vendor has indicated that exploitation in the wild has already occurred prior to disclosure. More in our blog: r-7.co/4qZBsaH
Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)
On January 29, 2026, Ivanti disclosed two new critical vulnerabilities affecting Endpoint Manager Mobile (EPMM): CVE-2026-1281 and CVE-2026-1340. The vendor has indicated that exploitation in the wild...
January 30, 2026 at 4:24 PM
Which #Microsoft vulnerabilities were of the most value to attackers in 2025? Turns out, the more things change, the more they stay the same.

Tech debt, backwards compatibility, elevations of privilege, and a dash of AI – this blog's got it all. Dive in: r-7.co/4qaqduX
January 28, 2026 at 6:08 PM
🚨 On 1/28/26, #SolarWinds published an advisory for multiple new vulns affecting their Web Help Desk product.

Of the 6 new CVEs, 4 are critical, and allow a remote attacker to either achieve unauthenticated RCE or bypass authentication. Read on: r-7.co/4rgPjsR
Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
SolarWinds has published an advisory for multiple new vulnerabilities affecting their Web Help Desk product. Stay up to date with a new Rapid7 blog.
January 28, 2026 at 3:07 PM
🌐 Geopolitics, insider risk, and threat intel have long influenced our world's cyber operations. What's changing is how they're now affecting everyday, company-level security decisions.

Read on and find a link to Rapid7's year-end session on demand here: r-7.co/4b9aQz3
From Signals to Strategy: What Security Teams Must Prepare for in 2026
Geopolitics, insider risk, and threat intelligence have long influenced cyber operations; what has changed is the extent to which they directly affect everyday security decisions. More distillations f...
January 22, 2026 at 3:50 PM
🆕 Rapid7 MDR now delivers preemptive detection, investigation, & response for Microsoft environments.

Defender signals are integrated into Rapid7 MDR, where they are monitored and investigated by our SOC with exposure and asset risk context. Learn more: https://r-7.co/4a5emcw
January 21, 2026 at 2:02 PM
🚨 In November 2025, a critical vuln. was patched in #n8n, a popular piece of automation software.

The advisory for (what the finders have dubbed) #Ni8mare was published on January 7, 2026 – now tracked as CVE-2026-21858 with a CVSS score of 10.0.

More: r-7.co/3Z3aGBP
Ni8mare and N8scape flaws among multiple critical vulnerabilities affecting n8n
On November 18, 2025, a patched release was published for a critical unauthenticated file read vulnerability in n8n, a popular piece of automation software. Read more in the Rapid7 blog.
January 8, 2026 at 9:31 PM
New year, same mission: helping teams take command of the attack surface. 💥

Wishing you a secure New Year from Rapid7!
January 1, 2026 at 4:19 PM
Here are the top 3 predictions Rapid7 experts are seeing for 2026 👇

Now available on demand, Rapid7’s cybersecurity predictions webinar breaks down what those shifts could mean for security teams in the year ahead: https://r-7.co/4j48Wlf
December 30, 2025 at 6:53 PM
🚨 On 12/19/25, MongoDB Inc. disclosed a critical new vuln. affecting #MongoDB – one of the most popular document-oriented databases.

CVE-2025-14847, or #MongoBleed, is a high-severity unauthenticated memory leak. More in the Rapid7 blog: r-7.co/4piWbER
MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data
On December 19, 2025, MongoDB Inc. disclosed a critical new vulnerability, CVE-2025-14847, which has since been dubbed MongoBleed. This vulnerability is a high-severity unauthenticated memory leak aff...
December 29, 2025 at 2:27 PM
🖨️ Advancements in #MFP devices allow them to be conveniently integrated throughout enterprise environments. But they're often left overlooked & underprotected – breeding far-reaching security implications.

Dive into the latest research from Rapid7: r-7.co/44u48zq
December 23, 2025 at 2:11 PM
🚨 On 12/17/25, Hewlett Packard (#HP) Enterprise published an advisory for CVE-2025-37164, a vuln in HPE OneView.

Assigned a CVSS score of 10.0, it facilitates unauth. RCE on versions of #OneView before 11.0. Find our hotfix analysis & more in the Rapid7 blog: r-7.co/4pE9rVs
CVE-2025-37164: Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView
On December 17, 2025, Hewlett Packard Enterprise (HPE) published an advisory for CVE-2025-37164, a CVSS 10.0 vulnerability in HPE OneView.
December 18, 2025 at 6:17 PM
🚨 A recently disclosed pair of vulns affecting #Fortinet devices are being actively exploited in the wild.

CVE-2025-59718 & CVE-2025-59719, carrying critical CVSSv3 scores, allow an unauthenticated remote attacker to gain device admin access. Read on: r-7.co/4j32ZF7
Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild
CVE-2025-59718 and CVE-2025-59719, critical vulnerabilities affecting FortiOS, FortiProxy, FortiSwitchManager, and FortiWeb, are actively being exploited in the wild.
December 17, 2025 at 9:08 PM
Wishing everyone a wonderful holiday season! May your days be merry, bright, and bug-free. 🎁✨🧡
December 17, 2025 at 5:45 PM
Reposted by Rapid7
Connected Yet Divided: Navigating Cybersecurity in a Fracture World.
Join us Thursday December 18th 8 am PT / 11 am ET
us06web.zoom.us/webinar/regi...
Panelists explore how eroding trust drives #cyberthreats, supply chain risks, and disinformation—asking if cooperation is our strongest defense
December 15, 2025 at 6:37 PM
12/16 update: After publication, Rapid7 observed a message from the official Telegram channel announcing the release of SantaStealer.

The infostealer is now deemed production-ready by the developers and can be expected in the wild.
Rapid7 @rapid7.com · Dec 15
'Tis the season for a new infostealer: #SantaStealer. Active promotion on Telegram and underground forums states the malware-as-a-service plans to be released before year-end.

Rapid7 Labs analyzed unstripped samples to detail how it operates and what defenders should know: https://r-7.co/4q5pk75
SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums | Rapid7 Blog
December 16, 2025 at 8:23 PM
'Tis the season for a new infostealer: #SantaStealer. Active promotion on Telegram and underground forums states the malware-as-a-service plans to be released before year-end.

Rapid7 Labs analyzed unstripped samples to detail how it operates and what defenders should know: https://r-7.co/4q5pk75
SantaStealer is Coming to Town: A New, Ambitious Infostealer Advertised on Underground Forums | Rapid7 Blog
December 15, 2025 at 1:56 PM
🚨 Earlier this year, Rapid7 researchers discovered a stored cross-site scripting (XSS) vuln. in #Ivanti Endpoint Manager (EPM) – affecting versions 2024 SU4 and below.

Now patched, CVE-2025-10573 has been assigned a CVSS score of 9.6. More in our blog: r-7.co/4rN6TWo
CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)
December 9, 2025 at 5:32 PM
🚨 On December 3, 2025, #Meta disclosed a critical unauthenticated RCE vulnerability affecting #React – a popular library for building modern web apps.

CVE-2025-55182 has been assigned the maximum CVSS rating of 10.0. Find mitigation guidance and more in the Rapid7 blog: r-7.co/4rAf48q
React2Shell, Critical unauthenticated RCE affecting React Server Components (CVE-2025-55182)
CVE-2025-55182 is a critical unauthenticated remote code execution vulnerability affecting React, a very popular library for building modern web applications.
December 4, 2025 at 4:19 PM