A serious remote code execution flaw in React Native's Metro development server is being actively exploited by threat actors to spread advanced malware targeting software developers worldwide. By sending specially constructed HTTP requests, unauthenticated attackers can use the vulnerability, known as "Metro4Shell" and tracked as CVE-2025-11953, to execute arbitrary operating system commands on developer machines.

JFrog security researchers found that the vulnerability is caused by incorrect input validation on the Metro server's /open-url endpoint, which sends user-controlled data straight to the unsafe open() function without any sanitization. The popular @react-native-community/cli npm package is vulnerable in all versions from 4.8.0 to 20.0.0-alpha.2.

[Figure: Metro server flow in React Native being exploited (source: VulnCheck)]

Despite displaying a deceptive "localhost:8081" message, the Metro development server binds to all network interfaces (0.0.0.0) by default, making the vulnerable endpoint reachable by any attacker on the same network. On Windows, attackers can execute commands with full control over their parameters; on macOS and Linux, they are limited to launching executable files with fewer options. About 3,500 Metro servers are still reachable over the public internet. A fix is available in version 20.0.0 and later.

Details of the Vulnerability

On December 21, 2025, the cybersecurity firm VulnCheck discovered Metro4Shell exploitation via its Canary honeypot network. On January 4 and January 21, 2026, the company saw repeated attacks delivering the same payloads, suggesting continuous operational use rather than experimental probing.

There is a serious discrepancy between theoretical risk models and actual threat activity: active exploitation began in December 2025, yet the Exploit Prediction Scoring System (EPSS) had assigned the vulnerability a probability score of only 0.00405 as of late January 2026.

Active Campaign of Exploitation and Compromise Indicators

Attackers use a multi-stage PowerShell-based loader with base64-encoded payloads, delivered via cmd.exe. To evade antivirus detection, the decoded script first adds Microsoft Defender exclusion paths for the Windows temporary directory and the current working directory using the Add-MpPreference cmdlet.

The malware then opens a raw TCP connection to attacker-controlled infrastructure and sends a GET /windows request to fetch the next-stage payload, which is written to the system's temporary directory and executed with a lengthy argument string. Analysis showed that the payload was a UPX-packed, Rust-based binary containing advanced anti-analysis techniques, such as runtime checks meant to obstruct static inspection. VulnCheck identified several attack sources and command-and-control infrastructure:

- IP addresses used for exploitation: 65.109.182.231, 223.6.249.141, 134.209.69.155
- Payload hosting servers: 47.86.33.195:60130 (Linux and Windows payloads) and 8.218.43.248:60124 (Windows payloads)
- Windows payload (SHA-256: d8337df3aff749250557bf11daf069eb404cce0e6f4f91c6bd6d3f78aed6e9d6), which unpacks to a Rust-based executable (SHA-256: 7ecbb0cc88dfa5f187c209a28bd25e8e2d5113bb898a91ae273bca5983130886)

The cross-platform nature of this operation is demonstrated by the identical infrastructure hosting corresponding "Linux" binaries.

Because they usually contain source code, credentials, API keys, and access to production infrastructure while being subject to significantly less security scrutiny than production systems, developer environments are especially appealing targets. Developers are left vulnerable on shared networks, coffee shops, or improperly configured corporate VLANs due to the default insecure Metro configuration, which creates a false sense of security. In order to limit exposure on untrusted networks, organizations should immediately audit their development environments, update all @react-native-community/cli packages to version 20.0.0 or later, limit Metro server binding to localhost only, and use network segmentation.
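The following is an added example, not code from the article or from the Metro or React Native projects: a small triage routine for a request log in front of a Metro dev server, flagging /open-url requests that either carry something other than a local http(s) URL or arrive from a non-loopback source. It assumes /open-url takes a JSON body with a "url" key and that log lines have the form "<source-ip> <method> <path> [<body>]"; both the layout and the sample lines are constructed for the example.

```javascript
// Added example (not from the article or from Metro/React Native): triage of a
// request log for the /open-url endpoint the article describes. Assumptions:
// /open-url receives a JSON body with a "url" key, and each log line reads
// "<source-ip> <method> <path> [<body>]". Sample data below is constructed.

// Only http(s) URLs pointing at the local machine have a legitimate reason to be
// opened by a dev server; anything else (bare paths, other schemes, executables)
// is treated as unsafe.
function isBenignOpenUrl(candidate) {
  let parsed;
  try {
    parsed = new URL(candidate); // throws on non-URL strings such as "/tmp/stage1"
  } catch {
    return false;
  }
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return false;
  return ['localhost', '127.0.0.1', '[::1]'].includes(parsed.hostname);
}

// Returns one finding per suspicious /open-url request. A request from any
// non-loopback source is reported even when its URL looks harmless, because a
// Metro server bound to localhost (the article's recommendation) never sees one.
function triageMetroLog(lines) {
  const findings = [];
  for (const line of lines) {
    const m = /^(\S+)\s+(\S+)\s+(\S+)(?:\s+(.*))?$/.exec(line);
    if (!m) continue;
    const [, source, method, path, body = ''] = m;
    if (path.split('?')[0] !== '/open-url') continue;
    let url = null;
    try {
      url = JSON.parse(body).url;
    } catch {
      // malformed or missing body: left as null and reported as unsafe below
    }
    const reasons = [];
    if (typeof url !== 'string' || !isBenignOpenUrl(url)) reasons.push('unsafe-url');
    if (source !== '127.0.0.1' && source !== '::1') reasons.push('remote-source');
    if (reasons.length) findings.push({ source, method, url, reasons });
  }
  return findings;
}

// Constructed sample log: one legitimate local request, three from another host.
const SAMPLE_LOG = [
  '127.0.0.1 POST /open-url {"url":"http://localhost:8081/debugger-ui"}',
  '10.0.0.9 POST /open-url {"url":"http://localhost:8081/debugger-ui"}',
  '10.0.0.9 POST /open-url {"url":"/tmp/stage1"}',
  '10.0.0.9 POST /open-url {"url":"ftp://203.0.113.10/stage1"}',
  '127.0.0.1 GET /status',
];

console.log(JSON.stringify(triageMetroLog(SAMPLE_LOG), null, 2));
```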