Known exploited
Meta
CVE published 2025-12-05
CVE-2025-55182
CVE-2025-55182 is a Meta React Server Components remote code execution vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-12-05. Because it is KEV-listed and marked as known to be used in ransomware campaigns, organizations should treat affected internet-facing React Server Components deployments as urgent priorities for mitigation, validation, and exposure review. CISA’s [truncated]