React2Shell Batch Scanner

Paste up to 1000 targets • Non-destructive probe for CVE-2025-55182 / CVE-2025-66478.

Idle

TARGET URLS0 pasted • using first 0 (max 1000)

One URL per line. Avoid pointing at /api/detect itself to prevent recursion.

BATCH SUMMARY0/0 scanned

Vulnerable: 0

Safe: 0

Unknown: 0

Errors: 0

Runs detect.sh once per URL via /api/detect, in sequence. No parallel flood, no DoS.

SCAN RESULTS

Results will appear here after you run a batch.

RAW OUTPUT (SELECTED TARGET)

Click a row in the results table to view detect.sh output for that target.

React2Shell batch probe • multipart ["$1:a:a"] → checks for E{"digest"} crash.Upgrade: Next.js ≥ 16.0.7 • React ≥ 19.2.1