689 matches found
CVE-2025-11953
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...
CVE-2025-11953 Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...
CVE-2025-11953
The CVE-2025-11953 issue affects the React Native Community CLI Server API Node.js Package (versions 4.8.0 up to, but not including, 20.0.0). The Metro Development Server bound to external interfaces exposes an endpoint vulnerable to OS command injection, enabling unauthenticated network attacker...
CVE-2025-11953 Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...
React Native Community CLI 安全漏洞
React Native Community CLI is an open source command line tool for React Native Community. A security vulnerability exists in the React Native Community CLI, which stems from a default binding to an external interface and an OS command injection vulnerability in the endpoint, which could allow an...
Malicious Package
Overview hyperion-react-native is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-34714
Malicious code in hyperion-react-native npm...
MAL-2025-48437 Malicious code in hyperion-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b9ccc060b3a05f5422ec317fc83c828522f43b1b0b2ce916d1c5d72bf082366 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in hyperion-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b9ccc060b3a05f5422ec317fc83c828522f43b1b0b2ce916d1c5d72bf082366 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2021-0978
Malware in sbrugna...
EUVD-2019-3813
Malware in sbrugna...
EUVD-2021-10961
Malware in sbrugna...
EUVD-2020-12722
Malware in sbrugna...
EUVD-2018-0518
Malware in sbrugna...
EUVD-2021-1447
Malware in sbrugna...
EUVD-2022-53431
Malicious code in bioql PyPI...
EUVD-2022-38179
Malicious code in bioql PyPI...
EUVD-2022-5710
Malicious code in bioql PyPI...
EUVD-2024-0246
Malicious code in bioql PyPI...
EUVD-2022-43456
Malicious code in bioql PyPI...