The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-11953 to its Known Exploited Vulnerabilities (KEV) catalog, flagging an OS command injection flaw in the React Native Community CLI as actively exploited in the wild. Added on February 5, 2026, with a federal patching deadline of February 26, 2026, the vulnerability poses severe risks […] The post CISA Warns of React Native Community Command Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.