CVE-2025-66478

Dec. 3, 2025, 6:15 p.m.

None
No Score

Description

Rejected reason: This CVE is a duplicate of CVE-2025-55182.

Product(s) Impacted

Product Versions
*
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

Tags

security-advisories@github.com
2025-12-03
CVE-2025-66478

Timeline

Published: Dec. 3, 2025, 6:15 p.m.
Last Modified: Dec. 3, 2025, 6:15 p.m.

Status : Rejected

CVE has been marked as "**REJECT**" in the CVE List. These CVEs are stored in the NVD, but do not show up in search results.

More info

Source

security-advisories@github.com

Relations

Here is the list of observables linked to the vulnerability CVE-2025-66478 using threat intelligence.

  • Kaiji
  • ANGRYREBEL.LINUX
  • HISONIC
  • EtherRAT
  • PeerBlight
  • ZinFoq
  • ShadowPad - S0596
  • CowTunnel
  • SNOWLIGHT
  • VShell
  • XMRig
  • MINOCAT
  • ShadowPad
  • COMPOOD

Linked Attack Reports

Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild (Updated November 3)

A critical vulnerability in Microsoft's Windows Server Update Services (WSUS) allows unauthenticated remote code execution with system privileges. Initially patched on October 14, 2025, the flaw required an emergency update on October 23 due to incomplete mitigation. Active exploitation was observe…
cisa
rce
patch management
CVE-2025-59287
2025-12-07
active exploitation
kev catalog
windows server
wsus
Published: December 7, 2025
Linked vulnerabilities : CVE-2024-36401, CVE-2025-32433 (CVSS 10.0), CVE-2025-52905 (CVSS 7.0), CVE-2025-52906 (CVSS 9.3), CVE-2025-52907 (CVSS 7.3), CVE-2025-59287 (CVSS 9.8), CVE-2025-53868 (CVSS 8.5), CVE-2025-61955 (CVSS 8.5), CVE-2025-57780 (CVSS 8.5), CVE-2025-55182 (CVSS 10.0), CVE-2025-66478, CVE-2025-21042
Downloadable IOCs: 1

PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182

A critical vulnerability in React Server Components (CVE-2025-55182) is being exploited across various organizations. Attackers are deploying cryptominer malware, a Linux backdoor called PeerBlight, a reverse proxy tunnel named CowTunnel, and a Go-based post-exploitation implant dubbed ZinFoq. Peer…
post-exploitation
linux backdoor
CVE-2025-55182
react2shell
2025-12-10
bittorrent dht
cowtunnel
kaiji
peerblight
zinfoq
Published: December 10, 2025
Linked vulnerabilities : CVE-2025-30406, CVE-2025-55182 (CVSS 10.0), CVE-2025-66478
Downloadable IOCs: 36

Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)

A critical remote code execution vulnerability in React Server Components, CVE-2025-55182, has been widely exploited by various threat actors. China-nexus espionage groups and financially motivated actors have been observed leveraging this vulnerability to deploy malware such as MINOCAT tunneler, S…
remote code execution
CVE-2025-55182
react2shell
2025-12-13
Published: December 13, 2025
Linked vulnerabilities : CVE-2025-55182 (CVSS 10.0), CVE-2025-66478, CVE-2025-55184 (CVSS 7.5), CVE-2025-55183 (CVSS 5.3), CVE-2025-67779 (CVSS 7.5)
Downloadable IOCs: 7

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182, also known as React2Shell, is a critical pre-authentication remote code execution vulnerability affecting React Server Components and related frameworks. With a CVSS score of 10.0, it allows attackers to execute arbitrary code on vulnerable servers through a single malicious HTTP re…
vulnerability
remote code execution
vshell
snowlight
CVE-2025-55182
react2shell
2025-12-15
etherrat
Published: December 15, 2025
Linked vulnerabilities : CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, CVE-2021-27065, CVE-2025-55182 (CVSS 10.0), CVE-2025-66478
Downloadable IOCs: 50

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.