Lucene search
K

4917 matches found

vulnersOsv
vulnersOsv
added 2026/01/08 8:48 p.m.7 views

10xanswers (>=1.1.0 <=1.1.16), 31g-form-parser (=1.0.107) +3405 more potentially affected by CVE-2025-68470 via react-router (>=7.0.0 <=7.9.6-pre.1)

react-router NPM version =7.0.0, =1.1.0, =1.0.0, =0.0.6, =0.0.1, =0.1.0, =3.1.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.1, =5.0.8 and more Source cves: CVE-2025-68470 Source advisory: OSV:GHSA-9JCX-V3WJ-WH4M...

6.5CVSS5.7AI score0.00198EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:48 p.m.5 views

@1023-ventures/merope2 (>=0.2.1 <=0.2.9), @1023-ventures/vega-core (>=0.5.0 <=0.6.2) +1054 more potentially affected by CVE-2025-68470 via react-router (>=6.0.0 <=6.30.2-pre-v6.0)

react-router NPM version =6.0.0, =0.2.1, =0.5.0, =0.0.1, =0.0.1, =3.0.0, =1.0.0, =1.0.0, =1.0.0, =2.7.0, =0.0.1, =0.1.0, =0.0.0, =5.0.0, =5.0.0, =6.1.12 and more Source cves: CVE-2025-68470 Source advisory: OSV:GHSA-9JCX-V3WJ-WH4M...

6.5CVSS5.7AI score0.00198EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:48 p.m.7 views

@1023-ventures/merope2 (>=0.2.1 <=0.2.9), @1023-ventures/vega-core (>=0.5.0 <=0.6.2) +1054 more potentially affected by CVE-2025-68470 via react-router (>=6.0.0 <=6.30.2-pre-v6.0)

react-router NPM version =6.0.0, =0.2.1, =0.5.0, =0.0.1, =0.0.1, =3.0.0, =1.0.0, =1.0.0, =1.0.0, =2.7.0, =0.0.1, =0.1.0, =0.0.0, =5.0.0, =5.0.0, =6.1.12 and more Source cves: CVE-2025-68470 Source advisory: SNYK:JS-REACTROUTER-14908286...

6.5CVSS5.7AI score0.00198EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:48 p.m.6 views

org.webjars.npm:react-router-dom (>=6.0.0-beta.8 <=6.30.0) potentially affected by CVE-2025-68470 via org.webjars.npm:react-router (>=6.0.0-beta.8 <=6.30.0)

org.webjars.npm:react-router MAVEN version =6.0.0-beta.8, =6.0.0-beta.8, =6.30.0 Source cves: CVE-2025-68470 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-14908288...

6.5CVSS5.8AI score0.00198EPSS
Exploits0
OSV
OSV
added 2026/01/08 8:45 p.m.6 views

GHSA-9583-H5HC-X8CW React Router has Path Traversal in File Session Storage

If applications use createFileSessionStorage from @react-router/node or @remix-run/node/@remix-run/deno in Remix v2 with an unsigned cookie, it is possible for an attacker to cause the session to try to read/write from a location outside the specified session file directory. The success of the...

9.1CVSS6.6AI score0.16104EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/01/08 8:45 p.m.6 views

@agent-native/core (>=0.4.2 <=0.47.1), @akrc/fnpm (=1.13.1) +123 more potentially affected by CVE-2025-61686 via @react-router/node (>=7.0.0 <=7.9.4-pre.0)

@react-router/node NPM version =7.0.0, =0.4.2, =0.2.3, =7.8.3-alpha.1, =0.9.1, =0.7.1, =0.1.0, =0.1.0, =0.0.1, =0.0.1-dev.8, =0.0.1-0, =0.0.1-alpha.6, =3.8.8, =2.1.0, =3.4.0 and more Source cves: CVE-2025-61686 Source advisory: SNYK:JS-REACTROUTERNODE-14908860...

9.1CVSS6AI score0.16104EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:45 p.m.7 views

@buttery/tokens (>=0.1.2 <=0.1.10), @common-stack/frontend-stack-react (>=6.0.6-alpha.23 <=10.0.1-alpha.0) +18 more potentially affected by CVE-2025-61686 via @remix-run/node (>=2.0.0-pre.0 <=2.17.1)

@remix-run/node NPM version =2.0.0-pre.0, =0.1.2, =6.0.6-alpha.23, =6.0.6-alpha.28, =0.1.0, =5.6.0, =5.13.0, =5.6.0, =5.6.0, =0.1.36, =2.0.0, =2.10.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2025-61686 Source advisory: SNYK:JS-REMIXRUNNODE-14908858...

9.1CVSS6AI score0.16104EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:45 p.m.7 views

@agent-native/core (>=0.4.2 <=0.47.1), @akrc/fnpm (=1.13.1) +123 more potentially affected by CVE-2025-61686 via @react-router/node (>=7.0.0 <=7.9.4-pre.0)

@react-router/node NPM version =7.0.0, =0.4.2, =0.2.3, =7.8.3-alpha.1, =0.9.1, =0.7.1, =0.1.0, =0.1.0, =0.0.1, =0.0.1-dev.8, =0.0.1-0, =0.0.1-alpha.6, =3.8.8, =2.1.0, =3.4.0 and more Source cves: CVE-2025-61686 Source advisory: OSV:GHSA-9583-H5HC-X8CW...

9.1CVSS6AI score0.16104EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/01/08 8:42 p.m.25 views

React Router has XSS Vulnerability

A XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the tag. !NOTE This does not impact applications using Declarative Mode or Data Mod...

7.6CVSS6.5AI score0.00448EPSS
Exploits0References3Affected Software2
Snyk
Snyk
added 2026/01/08 8:42 p.m.2 views

Cross-site Scripting (XSS)

Overview @remix-run/react is a React DOM bindings for Remix Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Meta API in Framework Mode when generating script:ld+json tags during server-side rendering with untrusted content. An attacker can execute arbitrary...

7.6CVSS5.4AI score0.00448EPSS
Exploits0References2
OSV
OSV
added 2026/01/08 8:42 p.m.4 views

GHSA-3CGP-3XVW-98X8 React Router has XSS Vulnerability

A XSS vulnerability exists in in React Router's meta/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitrary JavaScript execution during SSR if untrusted content is used to generate the tag. !NOTE This does not impact applications using Declarative Mode or Data Mod...

7.6CVSS6.4AI score0.00448EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/01/08 8:42 p.m.7 views

10xanswers (>=1.1.0 <=1.1.16), 31g-form-parser (=1.0.107) +3393 more potentially affected by CVE-2025-59057 via react-router (>=7.0.0 <=7.9.0-pre.1)

react-router NPM version =7.0.0, =1.1.0, =1.0.0, =0.0.6, =0.0.1, =0.1.0, =3.1.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.1, =5.0.8 and more Source cves: CVE-2025-59057 Source advisory: OSV:GHSA-3CGP-3XVW-98X8...

7.6CVSS7.1AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:42 p.m.6 views

@b42inc/remix-i18n (=0.0.1), @briandlee/remix-return-navigation (>=1.0.0 <=1.1.0-dev0) +70 more potentially affected by CVE-2025-59057 via @remix-run/react (>=1.15.0 <=2.17.0)

@remix-run/react NPM version =1.15.0, =1.0.0, =0.1.2, =1.0.0, =6.0.6-alpha.23, =0.0.2-alpha.0, =0.0.1, =0.0.1, =0.1.0, =1.0.0, =0.0.22, =0.0.6, =0.0.1, =5.6.0, =5.28.0 and more Source cves: CVE-2025-59057 Source advisory: SNYK:JS-REMIXRUNREACT-14908290...

7.6CVSS7.1AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:42 p.m.7 views

@b42inc/remix-i18n (=0.0.1), @briandlee/remix-return-navigation (>=1.0.0 <=1.1.0-dev0) +70 more potentially affected by CVE-2025-59057 via @remix-run/react (>=1.15.0 <=2.17.0)

@remix-run/react NPM version =1.15.0, =1.0.0, =0.1.2, =1.0.0, =6.0.6-alpha.23, =0.0.2-alpha.0, =0.0.1, =0.0.1, =0.1.0, =1.0.0, =0.0.22, =0.0.6, =0.0.1, =5.6.0, =5.28.0 and more Source cves: CVE-2025-59057 Source advisory: OSV:GHSA-3CGP-3XVW-98X8...

7.6CVSS7.1AI score0.00448EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/08 8:42 p.m.6 views

10xanswers (>=1.1.0 <=1.1.16), 31g-form-parser (=1.0.107) +3393 more potentially affected by CVE-2025-59057 via react-router (>=7.0.0 <=7.9.0-pre.1)

react-router NPM version =7.0.0, =1.1.0, =1.0.0, =0.0.6, =0.0.1, =0.1.0, =3.1.0-beta.1, =1.0.0, =0.0.2, =1.0.0, =1.0.1, =5.0.8 and more Source cves: CVE-2025-59057 Source advisory: SNYK:JS-REACTROUTER-14908289...

7.6CVSS7.1AI score0.00448EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/01/08 4:33 p.m.152 views

Exploit for Deserialization of Untrusted Data in Facebook React

No d...

10CVSS7AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2026/01/08 4:28 p.m.181 views

Exploit for Deserialization of Untrusted Data in Facebook React

🛠️ React2Shell - Simplifying React Exploitation Framework...

10CVSS6.9AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2026/01/08 10:46 a.m.147 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 React2Shell - Proof of Concept ⚠️ SECURIT...

10CVSS8.1AI score0.99562EPSS
Exploits372
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.5 views

PT-2026-1810

🟠 React Router, Cross-Site Request Forgery, CVE-2025-47216 Moderate https://t.co/LQdTXi1ca7...

6.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.5 views

PT-2026-2137

Name of the Vulnerable Software and Affected Versions React Router versions 7.0.0 through 7.11.0 @remix-run/router versions prior to 1.23.2 Description React Router, a router for React, is susceptible to open redirect issues. Specifically, Single Page Applications SPAs using React Router and Remi...

8CVSS6.5AI score0.0077EPSS
Exploits0References12
Rows per page
Query Builder