U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Staff Editor 2026-02-06
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

https://securityaffairs.com/187675/security/u-s-cisa-adds-smartertools-smartermail-and-react-native-community-cli-flaws-to-its-known-exploited-vulnerabilities-catalog.html

Publish Date: 2026-02-06 04:48:00

Source Domain: securityaffairs.com

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini
February 06, 2026

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the flaws added to the catalog:

  • CVE-2025-11953 React Native Community CLI OS Command Injection Vulnerability
  • CVE-2026-24423 SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability

Attackers are actively exploiting a critical flaw in the React Native CLI Metro server, tracked as CVE-2025-11953. The React Native CLI’s Metro dev server binds to external interfaces by default and exposes a command injection flaw. Unauthenticated attackers can send POST requests to execute arbitrary programs, and on Windows can also run shell commands with fully controlled arguments.

“The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary executables.” reads the advisory. “On Windows, the attackers can also execute arbitrary shell commands with fully controlled arguments.”

Metro is the JavaScript bundler and dev server used by React Native. By default, it can expose an endpoint that lets unauthenticated attackers run OS commands on Windows.

VulnCheck researchers observed consistent, real-world attacks weeks before broad disclosure.

VulnCheck spotted real-world exploitation of…

Source

More Stories

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Staff Editor 2026-06-06
Franklin Student is a Cyber Security Champ at Bridgewater State

Franklin Student is a Cyber Security Champ at Bridgewater State

Staff Editor 2026-06-06
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy