It didn’t take long: CVE-2025-55182 is now under active exploitation
ID: 91bacafa-87f6-5f5d-a3bc-8d3c2b61cd08
STIX ID: report--91bacafa-87f6-5f5d-a3bc-8d3c2b61cd08
Feed Name: Securelist by Kaspersky
Threat Score
React4Shell (CVE-2025-55182) is a critical (CVSS 10.0) deserialization vulnerability in React Server Components actively weaponized in the wild; Kaspersky observed rapid exploitation attempts delivering crypto-miners, Mirai/Gafgyt variants and the RondoDox botnet, provided multiple IOCs (malware URLs and MD5 hashes), described attacker TTPs and recommended immediate patching and mitigations.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.