React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
PoC: Blackash-CVE-2025-11953
CVE-2025-11953
PoC: CVE-2025-11953-PoC
CVE-2025-11953 PoC
PoC: PoC-CVE-collection
Comprehensive Proof of Concept collection for CVE-2025-11953, CVE-2025-59287, CVE-2025-8941 with exploitation frameworks in Python, C, Bash, PowerShell
PoC: PoC-CVE-collection
Comprehensive Proof of Concept collection for CVE-2025-11953, CVE-2025-59287, CVE-2025-8941 with exploitation frameworks in Python, C, Bash, PowerShell
PoC: cve-2025-11953-vulnerability-demo
CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies.
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free