Critical active threat
CVE-2025-55182 Meta React Server Components Remote Code Execution
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Remote code execution exposure
Meta React Server Components RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.