52 matches found
Security Bulletin: MongoDB Enterprised Advanced affected by: react-router-7.11.0.tgz (CVE-2026-21884, CVE-2026-22029, CVE-2026-22030)
Summary There are vulnerabilities in react-router-7.11.0.tgz used in MongoDB Enterprised Advanced for IBM, involving an XSS vulnerability. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-21884 DESCRIPTION: React Router is a router for React. In @remix-run/react version...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of React Router
Summary Due to use of React Router, DevOps Test Performance and Rational Performance Tester contain a potential Cross-Site Scripting XSS vulnerability. CVE-2026-22029 Vulnerability Details CVEID:CVE-2026-22029 DESCRIPTION: React Router is a router for React. In @remix-run/router version prior to...
Linux Distros Unpatched Vulnerability : CVE-2024-22029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root CVE-2024-22029 Note that Nessu...
CVE-2026-22029
React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router and Remix v1/v2 SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs...
CVE-2026-22029
creationtimestamp| type| source
---|---|---
2026-01-10 03:25:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mc22sb3agx2u
2026-01-10 04:02:20+00:00| seen| Telegram/hIscdD1HJtLSg0SDRbuSjzrqCFMwMv5SX0wjW8Bk7vM6o
2026-01-10 04:19:31+00:00| seen|...
CVE-2026-22029
React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router and Remix v1/v2 SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs...
@accounter/client (>=0.0.3 <=0.0.9-alpha-20260108115520-32a9af5faa8ef0a01fc31a81c85715be41f0f63f), @asamanvay/auth-service (>=0.0.2 <=0.0.4) +74 more potentially affected by CVE-2026-22029 via react-router (>=7.0.0 <=7.12.0-pre.0)
react-router NPM version =7.0.0, =0.0.3, =0.0.2, =1.1.0, =0.1.9, =2.0.1-alpha, =0.0.5, =1.8.1, =1.5.0, =16.0.12, =0.1.0, =12.81.0, =8.0.254, =12.72.0, =12.86.0 and more Source cves: CVE-2026-22029 Source advisory: SNYK:JS-REACTROUTER-14908531...
@1023-ventures/merope2 (>=0.2.1 <=0.2.9), @1023-ventures/vega-core (>=0.5.0 <=0.6.2) +948 more potentially affected by CVE-2026-22029 via @remix-run/router (>=1.0.0 <=1.23.2-pre-v6.0)
@remix-run/router NPM version =1.0.0, =0.2.1, =0.5.0, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =2.7.0, =0.0.1, =0.1.0, =0.0.0, =23.1.12, =1.0.1, =0.0.6, =0.1.2 and more Source cves: CVE-2026-22029 Source advisory: SNYK:JS-REMIXRUNROUTER-14908530...
@accounter/client (>=0.0.3 <=0.0.9-alpha-20260108115520-32a9af5faa8ef0a01fc31a81c85715be41f0f63f), @asamanvay/auth-service (>=0.0.2 <=0.0.4) +74 more potentially affected by CVE-2026-22029 via react-router (>=7.0.0 <=7.12.0-pre.0)
react-router NPM version =7.0.0, =0.0.3, =0.0.2, =1.1.0, =0.1.9, =2.0.1-alpha, =0.0.5, =1.8.1, =1.5.0, =16.0.12, =0.1.0, =12.81.0, =8.0.254, =12.72.0, =12.86.0 and more Source cves: CVE-2026-22029 Source advisory: OSV:GHSA-2W69-QVJG-HVJX...
CVE-2025-22029 affecting package kernel for versions less than 6.6.92.2-1
CVE-2025-22029 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-22029
Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Workbench. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search. Successf...
CVE-2020-22029
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences...
CVE-2025-22029
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-22029
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2025-22029
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-22029
CVE-2025-22029 is rejected by its CNA and is not an active vulnerability entry.
CVE-2024-22029
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root...
CVE-2024-22029
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root...
CVE-2024-22029
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root...
CVE-2024-22029
CVE-2024-22029 concerns insecure permissions in the packaging of Tomcat, enabling local privilege escalation through a race condition during package installation. The connected advisories describe affected Tomcat packaging and note that patches/fixed packages are released by vendors (SUSE/OpenSUSE, D...