

Ethical Hacking News

U.S. CISA Adds SmarterTools SmarterMail and React Native Community CLI Flaws to Its Known Exploited Vulnerabilities Catalog: A Growing Concern for Cybersecurity



The U.S. CISA has added two new vulnerabilities, CVE-2025-11953 in React Native Community CLI and CVE-2026-24423 in SmarterTools SmarterMail, to its Known Exploited Vulnerabilities catalog. These vulnerabilities pose significant risks to organizations that use these software solutions and highlight the growing concern for cybersecurity in today's digital landscape.

  • Cybersecurity agencies worldwide are on high alert due to two new vulnerabilities added to the KEV catalog.
  • The React Native Community CLI vulnerability (CVE-2025-11953) poses significant risks, allowing unauthenticated attackers to execute arbitrary programs and run shell commands.
  • The SmarterTools SmarterMail vulnerability (CVE-2026-24423) allows attackers to run malicious code on affected systems by pointing the application to a malicious HTTP server.
  • CISA orders federal agencies to fix these vulnerabilities by February 26, 2026, emphasizing timely patching and mitigation.


    Cybersecurity agencies around the world are on high alert as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities, CVE-2025-11953 in React Native Community CLI and CVE-2026-24423 in SmarterTools SmarterMail, pose significant risks to organizations that use these software solutions.

    The React Native Community CLI vulnerability, tracked as CVE-2025-11953, is a critical flaw in the Metro server, which binds to external interfaces by default. This exposes a command injection vulnerability that lets unauthenticated attackers send POST requests and execute arbitrary programs on Windows systems. Attackers can also run shell commands with fully controlled arguments, which makes the flaw highly exploitable.
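An added example, not part of the original article: a check that reads `netstat -ano` output from a developer workstation and reports dev-server listeners bound beyond loopback, plus any non-local peers already connected. It assumes Metro's default port 8081, which the article does not state, and the netstat sample is constructed.

```python
import ipaddress

METRO_PORT = 8081  # assumption: Metro's default port; not stated in the article

# Constructed `netstat -ano` output (Windows column layout); not real telemetry.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       7312
  TCP    127.0.0.1:8081         0.0.0.0:0              LISTENING       9120
  TCP    192.168.1.20:8081      203.0.113.7:51844      ESTABLISHED     7312
  TCP    [::]:8081              [::]:0                 LISTENING       7312
  TCP    [::1]:5037             [::]:0                 LISTENING       2210
"""

def split_endpoint(endpoint):
    """Split '0.0.0.0:8081' or '[::]:8081' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def exposed_listeners(netstat_text, port=METRO_PORT):
    """TCP listeners on `port` whose bind address is not loopback."""
    findings = []
    for fields in map(str.split, netstat_text.splitlines()):
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue  # header, UDP rows and non-listening sockets
        addr, lport = split_endpoint(fields[1])
        if lport == port and not addr.is_loopback:
            findings.append({"bind": str(addr), "port": lport, "pid": int(fields[4])})
    return findings

def remote_peers(netstat_text, port=METRO_PORT):
    """Non-loopback peers holding an established connection to `port`."""
    peers = set()
    for fields in map(str.split, netstat_text.splitlines()):
        if len(fields) == 5 and fields[0] == "TCP" and fields[3] == "ESTABLISHED":
            (_, lport), (peer, _) = split_endpoint(fields[1]), split_endpoint(fields[2])
            if lport == port and not peer.is_loopback:
                peers.add(str(peer))
    return sorted(peers)

if __name__ == "__main__":
    for f in exposed_listeners(NETSTAT):
        print("exposed listener:", f)
    print("remote peers:", remote_peers(NETSTAT))
```

A listener on `127.0.0.1` or `[::1]` is not reported; wildcard binds (`0.0.0.0`, `[::]`) and specific LAN addresses are.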

    According to VulnCheck researchers, who observed consistent, real-world attacks weeks before the broad disclosure of this flaw, the lack of public acknowledgment poses a significant risk to defenders. The activity still lacks broad recognition, and the exploitation probability score remains low at 0.00405. This gap between observed exploitation and wider recognition matters, particularly for vulnerabilities that are easy to exploit and exposed on the public internet.

    The React Native Community CLI vulnerability has been used operationally by attackers, who delivered a multi-stage, base64-encoded PowerShell loader via cmd.exe, disabled Microsoft Defender protections, fetched payloads over raw TCP, and executed a downloaded binary. The malware was a UPX-packed Rust payload with basic anti-analysis features.
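An added detection example, not from the article or from VulnCheck: it flags process-creation events in which a Node.js process is an ancestor of a command line carrying a base64 PowerShell `-EncodedCommand`, and raises severity when the decoded script touches Defender preferences. The event field names, the constructed sample events and the choice of `Set-MpPreference`/`Add-MpPreference` as the tamper indicator are assumptions.

```python
import base64
import re
# -e, -ec, -en, -enc ... -EncodedCommand, followed by a base64 blob.
ENC_FLAG = re.compile(r"(?i)\s[-/]e(?:c|n[a-z]*)?\s+([A-Za-z0-9+/=]{16,})")
# Assumption: Defender tampering shows up as the MpPreference cmdlets.
DEFENDER_TAMPER = re.compile(r"(?i)\b(?:Set|Add)-MpPreference\b")

def ps_encode(script):  # -EncodedCommand format: base64 of UTF-16LE text
    return base64.b64encode(script.encode("utf-16-le")).decode()

SAMPLE = ps_encode("Set-MpPreference -ConstructedSample 1")  # inert placeholder
# Constructed process-creation events; field names are hypothetical.
EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Program Files\nodejs\node.exe",
     "cmdline": "node cli.js start"},
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c powershell -NoP -enc " + SAMPLE},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\powershell.exe",
     "cmdline": "powershell -NoP -enc " + SAMPLE},
    {"pid": 400, "ppid": 100, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": 'cmd.exe /d /s /c "npx --version"'},
]

def decode_encoded_command(cmdline):
    """Return the decoded PowerShell script, or None if no valid blob is present."""
    m = ENC_FLAG.search(cmdline)
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le", "replace") if m else None
    except ValueError:  # binascii.Error: not valid base64
        return None

def has_node_ancestor(event, by_pid):
    """Walk the parent chain; True if any ancestor image is node.exe."""
    seen, cur = set(), by_pid.get(event["ppid"])
    while cur and cur["pid"] not in seen:  # `seen` guards against PID-reuse loops
        if cur["image"].lower().endswith("\\node.exe"):
            return True
        seen.add(cur["pid"])
        cur = by_pid.get(cur["ppid"])
    return False

def triage(events):
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        decoded = decode_encoded_command(e["cmdline"])
        if decoded is not None and has_node_ancestor(e, by_pid):
            sev = "high" if DEFENDER_TAMPER.search(decoded) else "medium"
            alerts.append({"pid": e["pid"], "severity": sev, "decoded": decoded})
    return alerts
```

The benign `npx --version` child of Node.js (PID 400) produces no alert, so the rule keys on the encoded command rather than on Node.js spawning `cmd.exe` alone.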

    The SmarterTools SmarterMail vulnerability, tracked as CVE-2026-24423, is a critical flaw that could allow attackers to run malicious code on affected systems. The vulnerability is in the ConnectToHub API method and can be exploited by pointing SmarterMail at a malicious HTTP server, which serves a malicious OS command that the vulnerable application then executes.

    SmarterTools addressed the issue in Build 9511, but it is essential for organizations to review their infrastructure and address the vulnerabilities as soon as possible. CISA has ordered federal agencies to fix the vulnerabilities by February 26, 2026, emphasizing the importance of timely patching and mitigation.

    Experts also recommend that private organizations take proactive measures to protect themselves against these vulnerabilities. This includes implementing robust security controls, conducting regular vulnerability assessments, and ensuring that all software solutions are up-to-date with the latest patches.

    In conclusion, the addition of CVE-2025-11953 and CVE-2026-24423 to the KEV catalog highlights the growing concern for cybersecurity in today's digital landscape. Organizations must take immediate action to address these vulnerabilities and ensure that their systems are protected against exploitation.




  • Published: Fri Feb 6 04:38:19 2026 by llama3.2 3B Q4_K_M












