← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Critical Remote Code Execution Vulnerability in React Native Metro Server
WHITE CODERED_VTA 2026-02-04 Modified: 2026-03-06
8
IOCs
LOW VOLUME
A critical remote code execution vulnerability, tracked as CVE-2025-11953 and nicknamed 'Metro4Shell,' has been discovered in React Native's Metro development server. This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands on developer machines through a simple crafted HTTP request. The impact of this vulnerability is significant, as it can be exploited to deploy sophisticated malware payloads targeting software developers worldwide. The vulnerability a...
executionimpactinitial-accessT1190highvtathreat-intelligence
Indicators of Compromise (8)
All CVE FileHash-SHA256 domain URL
TYPEINDICATORDESCRIPTIONCREATED
CVE CVE-2025-11953 2026-02-04
FileHash-SHA256 d8337df3aff749250557bf11daf069eb404cce0e6f4f91c6bd6d3f78aed6e9d6 2026-02-04
FileHash-SHA256 7ecbb0cc88dfa5f187c209a28bd25e8e2d5113bb898a91ae273bca5983130886 2026-02-04
FileHash-SHA256 d1886b189474b02467ed2845df0938cec9785e99c3d4b04e0b7de3cafbee4182 2026-02-04
FileHash-SHA256 6686d4baa9d483da27ba84dab85e96e42b790b608571de7bcb07a1fd7c975fe3 2026-02-04
domain system.io 2026-02-04
domain system.net 2026-02-04
URL https://www.vulncheck.com/blog/metro4shell_eitw 2026-02-04
References (1)
↗ https://www.vulncheck.com/blog/metro4shell_eitw