CVE-2025-11953

Risk Scores

Affected Products

Exploit Intelligence

• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)
• CVE-2025-11953 demonstration: Critical RCE vulnerability in React Native CLI (CVSS 9.8). Educational security research with proof-of-concept exploits and mitigation strategies. (github-poc)

…and 200 more exploits

Timeline

• Nov 3, 2025 CVE Published
• Nov 3, 2025 Coalition ESS Score
• Nov 3, 2025 Coalition ESS Score
• Nov 3, 2025 PoC Published
• Nov 3, 2025 PoC Published
• Nov 4, 2025 EPSS Score
• Nov 4, 2025 Coalition ESS Score
• Nov 4, 2025 PoC Published
• Nov 4, 2025 PoC Published
• Nov 4, 2025 PoC Published
• Nov 4, 2025 PoC Published
• Nov 4, 2025 PoC Published

References

• https://jfrog.com/blog/cve-2025-11953-critical-react-native-community-cli-vulnerability url
• https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547 patch
• https://www.vulncheck.com/blog/metro4shell_eitw third-party-advisory
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-11953 url
• https://x.com/SzymonRybczak/status/1986199665000566848 url
• https://x.com/thymikee/status/1986770875954475375 url
• https://nvd.nist.gov/vuln/detail/CVE-2025-11953 advisory
• https://github.com/react-native-community/cli/issues/2733#issuecomment-3502424164 url
• https://github.com/react-native-community/cli/pull/1615 url
• https://github.com/react-native-community/cli/commit/5a792169d9883e0b0fb1ddf1ea46778f21510d18 url
• https://github.com/react-native-community/cli/commit/9e1fa8cc633e5dcf32244ffa60a871880be56722 url
• https://github.com/react-native-community/cli/commit/a8293dc29425f56249753507bc24d87b698d46e1 url
• https://github.com/react-native-community/cli package
• https://github.com/react-native-community/cli/releases/tag/v20.0.0 url
• https://github.com/react-native-community/cli?tab=readme-ov-file#compatibility url
• https://x.com/szymonrybczak/status/1986199665000566848?s=46 url
• https://www.ibm.com/support/pages/node/7274185 advisory
• https://www.ibm.com/support/pages/node/7274154 advisory
• https://www.ibm.com/support/pages/node/7274180 advisory
• https://www.ibm.com/support/pages/node/7274183 advisory

…and 7 more