## https://sploitus.com/exploit?id=SAINT:7C361ABBA8314CA1AA40F3438C06ECA1
Added: 02/04/2026
### Background
React Native is a framework for building mobile JavaScript applications. React Native Community CLI is a collection of command line tools that help developers build React Native mobile applications.
### Problem
A vulnerability in React Native Community CLI when running with the Metro development server could allow remote attackers to execute arbitrary commands via a POST request to the `**open-url**` endpoint.
### Resolution
Update `**@react-native-community/cli-server-api**` to version 20.0.0 or higher in each react-native project.
### References
https://jfrog.com/blog/cve-2025-11953-critical-react-native-community-cli-vulnerability/
### Platforms
Windows
Linux