
A critical remote-code execution (RCE) flaw in the widely used @react-native-community/cli (and its server API) lets attackers run arbitrary OS commands via the Metro development server, the default JavaScript bundler for React Native.
In essence, launching the development server with the standard commands (e.g., npm start or npx react-native start) can expose the machine to external attackers, because the server binds to all network interfaces by default (0.0.0.0) rather than restricting itself to "localhost" as the console message claims.
According to JFrog researchers, the bug is a severe issue threatening developers of React Native apps. While exploitation on Windows is well demonstrated (full OS command execution via the unsafe open() call), the macOS/Linux paths are currently less straightforward, although the risk remains real and subject to further research.
A fix is available, but development teams must move fast, JFrog researchers warned in a blog post.
Weak development server defaults
The vulnerability arises because the Metro development server, which is started using the CLI tool, exposes a "/open-url" HTTP endpoint that takes a URL parameter from a POST request and passes it straight to the "open()" function in the open npm package. On Windows, this can spawn a "cmd /c ..." call, enabling arbitrary command execution.
Adding to the problem is a misconfiguration in the CLI, which prints that the server is listening on "localhost", but under the hood the host value ends up undefined, and the server listens on 0.0.0.0 by default, opening it to all external networks.
This combination of an insecure default binding and the flawed open() call creates the conditions for remote code execution, something rare and dangerous in a development-only tool.
"This vulnerability shows that even simple Remote Code Execution flaws, such as passing user input to the system shell, are still found in real-world software, especially in cases where the dangerous sink function actually resides in 3rd-party code, which was the imported "open" function in this case," the researchers said.
The bug, tracked as CVE-2025-11953, has been assigned a CVSS score of 9.8 out of 10 and affects versions 4.8.0 through 20.0.0-alpha.2.
What should developers do now?
Developers using @react-native-community/cli (or the bundled cli-server-api) in their React Native projects should check for the vulnerable package version in the npm registry. The vulnerability is fixed in version 20.0.0 of cli-server-api, so immediate updating is advised.
The stakes include an attacker remotely executing commands on the victim's development machine, potentially leading to broader network access, code corruption, or injecting malicious payloads into an app build. If updating isn't feasible immediately, JFrog advised restricting the dev server to localhost by explicitly passing the "--host 127.0.0.1" flag to reduce exposure.
"It's a reminder that secure coding practices and automated security scanning are essential for stopping these easily exploitable flaws before they make it to production," the researchers said, recommending JFrog SAST for identifying issues early in the development process.
The React Native CLI flaw mirrors a broader trend of attackers slipping into developer ecosystems, from npm packages with hidden payloads to rogue "verified" IDE extensions, turning trusted build tools into stealthy points of entry.
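The version check described above, as an added example that is not part of the article or of the JFrog or React Native projects: it reads a lockfile (a constructed package-lock.json v3 is embedded inline) and flags the two package names the article lists when their version falls in the range it gives, 4.8.0 through 20.0.0-alpha.2, using a semver comparison that orders pre-releases correctly so that 20.0.0-alpha.2 is flagged but the fixed 20.0.0 is not.

```python
"""Flag lockfile entries in the affected range for CVE-2025-11953 (no third-party deps)."""
import json
import re

AFFECTED_PACKAGES = ("@react-native-community/cli-server-api", "@react-native-community/cli")
FIRST_AFFECTED = "4.8.0"           # range as stated in the advisory coverage
LAST_AFFECTED = "20.0.0-alpha.2"   # 20.0.0 (the release) is the fixed version

_SEMVER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$")


def semver_key(version):
    """Sort key implementing semver 2.0 precedence (build metadata ignored)."""
    m = _SEMVER.match(version.strip())
    if not m:
        raise ValueError(f"not a semver string: {version!r}")
    core = tuple(int(m.group(i)) for i in (1, 2, 3))
    pre = m.group(4)
    if not pre:
        return core + (1, ())            # a release sorts after its pre-releases
    # numeric identifiers compare numerically and sort before alphanumeric ones
    ids = tuple((0, int(p)) if p.isdigit() else (1, p) for p in pre.split("."))
    return core + (0, ids)


def is_vulnerable(version):
    return semver_key(FIRST_AFFECTED) <= semver_key(version) <= semver_key(LAST_AFFECTED)


def find_vulnerable(lockfile_text):
    """Return {lockfile path: version} for affected packages in a v2/v3 'packages' map."""
    hits = {}
    for path, meta in json.loads(lockfile_text).get("packages", {}).items():
        name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
        version = meta.get("version", "")
        if name in AFFECTED_PACKAGES and version and is_vulnerable(version):
            hits[path] = version
    return hits


# Constructed sample lockfile: one affected CLI, one affected server API, one unrelated dep.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/@react-native-community/cli": {"version": "15.1.3"},
        "node_modules/@react-native-community/cli-server-api": {"version": "20.0.0-alpha.2"},
        "node_modules/express": {"version": "4.19.2"},
    },
})

if __name__ == "__main__":
    for path, version in find_vulnerable(SAMPLE_LOCK).items():
        print(f"AFFECTED {path} {version} -> update cli-server-api to 20.0.0 or bind with --host 127.0.0.1")
```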

