| CVE-2026-42211 |
high |
8.1 |
8.1 |
|
|
|
3d ago |
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution (RCE) through extern… |
| CVE-2026-22029 |
high |
8.0 |
8.0 |
|
|
|
5mo ago |
React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from l… |
| CVE-2026-42342 |
high |
7.5 |
7.5 |
|
|
|
3d ago |
React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certain crafted requests can consume disproportio… |
| CVE-2026-34077 |
high |
7.5 |
7.5 |
|
|
|
3d ago |
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-side Cross-Site Scripting (XSS… |
