CNNVD-202511-058 Information

CNNVD ID

CNNVD-202511-058

Related CVE

CVE-2025-11953

• CNNVD Published: 2025-11-03

Description (Chinese)

React Native Community CLI是React Native Community开源的一个命令行工具。 React Native Community CLI存在安全漏洞，该漏洞源于默认绑定外部接口且端点存在OS命令注入漏洞，可能导致未经验证的攻击者发送POST请求执行任意命令。

Description (English)

React Nature Community CLI is an open command line tool for React Nature Community. React Nature Community CLI has a security loophole, which stems from the default binding of the external interface and the presence of an OS command at the end point, which may lead uncertified assailants to send POST to request an arbitrary order.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

React Native Community

Published

2025-11-03

Last Modified

2026-02-24

References

https://jfrog.com/blog/cve-2025-11953-critical-react-native-community-cli-vulnerability https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547 https://access.redhat.com/security/cve/cve-2025-11953