PT-2025-44787 · Unknown · React Native Community Cli+1

Published 2025-08-04 · Updated 2026-05-21 · CVE-2025-11953

CVSS v2.0: 10 (Critical) · Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
@react-native-community/cli-server-api versions 4.8.0 through 20.0.0-alpha.2
@react-native-community/cli versions 4.8.0 through 20.0.0-alpha.2
Description
An OS command injection flaw exists in the Metro Development Server, which is started by the React Native Community CLI. The server binds to external interfaces by default, so an unauthenticated network attacker can send a specially crafted POST request to the '/open-url' endpoint. The vulnerability arises because the url parameter from the request body is passed to the open() function without validation or sanitization. On Windows, this allows execution of arbitrary shell commands with fully controlled arguments. On Linux and macOS, it can lead to execution of arbitrary executables or abuse of URI schemes (such as file://). Approximately 3,500 unprotected servers have been identified globally. Real-world exploitation has been observed since December 2025, in which attackers used the flaw to disable Microsoft Defender via the Add-MpPreference command and to deploy Rust-based malware on Windows and Linux workstations.
Recommendations
Update @react-native-community/cli-server-api and @react-native-community/cli to version 20.0.0 or later. As a temporary workaround, start the Metro server bound only to localhost with npx react-native start --host 127.0.0.1 so that it is not reachable from the network. Additionally, restrict access to the '/open-url' endpoint with IDS/WAF rules that block POST requests whose url parameter does not start with http:// or https://.
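The interim IDS/WAF rule above, written out as a Node.js request filter for illustration. This is an added example, not code from the React Native project or from this advisory; shouldBlockOpenUrl, the request object shape and the sample requests are hypothetical and constructed, and the filter additionally blocks bodies it cannot parse or that lack a string url, which goes slightly beyond the advisory's literal rule.

```javascript
// Filter for POST /open-url requests to a Metro dev server, implementing the
// advisory's rule: the url parameter must start with http:// or https://.
// Hypothetical helper; `req` is a plain object { method, path, body } with
// `body` as the raw request body string.
const OPEN_URL_PATH = "/open-url";
const HTTP_PREFIX = /^https?:\/\//; // literal prefix rule from the advisory

function shouldBlockOpenUrl(req) {
  if (req.method !== "POST" || req.path !== OPEN_URL_PATH) {
    return { block: false, reason: "not a POST to /open-url" };
  }
  let url;
  try {
    ({ url } = JSON.parse(req.body ?? ""));
  } catch {
    // Unparseable body: nothing to validate, so do not let it through.
    return { block: true, reason: "body is not a JSON object" };
  }
  if (typeof url !== "string") {
    return { block: true, reason: "url parameter missing or not a string" };
  }
  if (!HTTP_PREFIX.test(url)) {
    return { block: true, reason: "url does not start with http:// or https://" };
  }
  // Prefix is fine; also require a well-formed absolute URL so that a bare
  // "http://" with nothing after it is rejected too.
  try {
    new URL(url);
  } catch {
    return { block: true, reason: "url is not a well-formed URL" };
  }
  return { block: false, reason: "http(s) url" };
}

// Constructed sample requests (not captured traffic).
const SAMPLE_REQUESTS = [
  { method: "POST", path: "/open-url", body: JSON.stringify({ url: "https://reactnative.dev/docs" }) },
  { method: "POST", path: "/open-url", body: JSON.stringify({ url: "file:///etc/hosts" }) },
  { method: "POST", path: "/open-url", body: "{not json" },
  { method: "POST", path: "/open-url", body: JSON.stringify({ url: "http://" }) },
  { method: "GET", path: "/status", body: "" },
];

// Returns one boolean per sample: true where the request would be blocked.
function evaluateSamples() {
  return SAMPLE_REQUESTS.map((r) => shouldBlockOpenUrl(r).block);
}
```

Only the second, third and fourth sample requests are blocked; the allowed https URL and the unrelated GET pass through.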

Tags: Exploit · Fix · RCE · OS Command Injection

Related Identifiers

BDU:2026-01467
CVE-2025-11953
GHSA-399J-VXMF-HJVR

Affected Products

Metro Development Server
React Native Community Cli