
A critical remote-code execution (RCE) flaw in the widely used @react-native-community/cli (and its server API) lets attackers run arbitrary OS commands via the Metro development server, the default JavaScript bundler for React Native.
In essence, launching the development server with the standard commands (e.g., npm start or npx react-native start) can expose the machine to external attackers, because the server binds to all network interfaces by default (0.0.0.0) rather than restricting itself to "localhost" as the console message claims.
According to JFrog researchers, the bug is a severe issue threatening developers of React Native apps. While exploitation on Windows is well-demonstrated (full OS command execution via an unsafe open() call), the macOS/Linux paths are currently less straightforward, although the risk remains real and is subject to further research.
A fix is available, but development teams must move fast, JFrog researchers warned in a blog post.
Vulnerable development server defaults
The vulnerability arises because the Metro development server, which is started using the CLI tool, exposes a "/open-url" HTTP endpoint that takes a URL parameter from a POST request and passes it directly to the "open()" function in the open NPM package. On Windows, this can spawn a "cmd /c..." call, enabling arbitrary command execution.
Adding to the problem is a misconfiguration in the CLI, which prints that the server is listening on "localhost", but under the hood the host value ends up undefined, and the server listens on 0.0.0.0 by default, opening it to all external networks.
This combination of insecure default binding and the flawed open() call creates the conditions for remote code execution, something unusual and dangerous in a development-only tool.
"This vulnerability shows that even simple Remote Code Execution flaws, such as passing user input to the system shell, are still found in real-world software, especially in cases where the dangerous sink function actually resides in third-party code, which was the imported "open" function in this case," the researchers said.
The bug, tracked as CVE-2025-11953, is assigned a CVSS score of 9.8 out of 10, and affects versions 4.8.0 through 20.0.0-alpha.2.
What should developers do now?
Developers using @react-native-community/cli (or the bundled cli-server-api) in their React Native projects should check for the vulnerable package version in the npm list output. The vulnerability is fixed in version 20.0.0 of cli-server-api, so immediate updating is recommended.
The stakes include an attacker remotely executing commands on the victim's development machine, potentially leading to broader network access, code corruption, or injecting malicious payloads into an app build. If updating isn't feasible immediately, JFrog advised restricting the dev server to localhost by explicitly passing the "--host 127.0.0.1" flag to reduce exposure.
"It's a reminder that secure coding practices and automated security scanning are essential for preventing these easily exploitable flaws before they make it to production," the researchers said, recommending JFrog SAST for identifying issues early in the development process.
The React Native CLI flaw mirrors a broader trend of attackers slipping into developer ecosystems, from npm packages with hidden payloads to rogue "verified" IDE extensions, turning trusted build tools into stealthy points of entry.
