4918 matches found
CVE-2025-11953
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...
CVE-2025-11953 Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...
CVE-2025-11953
The CVE-2025-11953 issue affects the React Native Community CLI Server API Node.js Package (versions 4.8.0 up to, but not including, 20.0.0). The Metro Development Server bound to external interfaces exposes an endpoint vulnerable to OS command injection, enabling unauthenticated network attacker...
CVE-2025-11953 Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...
React Native Community CLI 安全漏洞
React Native Community CLI is an open source command line tool for React Native Community. A security vulnerability exists in the React Native Community CLI, which stems from a default binding to an external interface and an OS command injection vulnerability in the endpoint, which could allow an...
Malicious code in react-ui-animates (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faea1c84618f620702405ada06f82a0352d57b6f8544e33b87cde589284b5ef1 The package react-ui-animates was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-37461
Malicious code in react-ui-animates npm...
MAL-2025-49329 Malicious code in react-ui-animates (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faea1c84618f620702405ada06f82a0352d57b6f8544e33b87cde589284b5ef1 The package react-ui-animates was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview icon-react-fork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in icon-react-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad97a4843ca8933070ecec7c05bf536be6b6a80d87925026a6b7be938fd264f7 The package icon-react-fork was found to contain malicious code. Source: ghsa-malware 32d3f4313eda9d40aff4d3624d6f7f534df05b45f0f282fab8e0f8211c1a38c...
Malicious Package
Overview react-icon-pkg is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-37246
Malicious code in react-icon-pkg npm...
EUVD-2025-37247
Malicious code in icon-react-fork npm...
Malicious code in react-icon-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8ba17d7a373063f5a6120fd27a52bb855006bd5f440ee5d2f287cccaeb6bd5 The package react-icon-pkg was found to contain malicious code. Source: ghsa-malware ce6d8c074bdec68ae646e31b821c3896f805e01c46c5464e8db624d09e133205...
MAL-2025-49261 Malicious code in icon-react-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad97a4843ca8933070ecec7c05bf536be6b6a80d87925026a6b7be938fd264f7 The package icon-react-fork was found to contain malicious code. Source: ghsa-malware 32d3f4313eda9d40aff4d3624d6f7f534df05b45f0f282fab8e0f8211c1a38c...
MAL-2025-49264 Malicious code in react-icon-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8ba17d7a373063f5a6120fd27a52bb855006bd5f440ee5d2f287cccaeb6bd5 The package react-icon-pkg was found to contain malicious code. Source: ghsa-malware ce6d8c074bdec68ae646e31b821c3896f805e01c46c5464e8db624d09e133205...
Malicious code in generator-epic-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7ce6d820d3b2380b3b4cba48d41e31b26d0fc74dd18635e0e01ad7a94c8ba0f The package generator-epic-react was found to contain malicious code...
EUVD-2025-37108
Malicious code in epic-react-survey npm...
Malicious code in epic-react-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e97bbfa7002afbed785479629e1f7312a30bf41426bd7eae5ae91d7fb7ffefd The package epic-react-testing was found to contain malicious code...
EUVD-2025-37057
Malicious code in react-router-kitt npm...