HIGH 7.5 npm
GHSA-rxv8-25v2-qmq8 · CVE-2026-34077 React Router vulnerable to Denial of Service via reflected user input in single-fetch
Modified: 6/4/2026
package
npm / turbo-stream
pkg:npm/turbo-stream
package
pkg:npm/turbo-stream
React Router vulnerable to Denial of Service via reflected user input in single-fetch
Modified: 6/4/2026