MEDIUM npm
GHSA-2j2x-hqr9-3h42 · CVE-2026-40181 React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation
수정: 2026. 6. 3.
package
npm / react-router
pkg:npm/react-router
HIGH 8.0 npm
GHSA-2w69-qvjg-hvjx · CVE-2026-22029 React Router vulnerable to XSS via Open Redirects
수정: 2026. 2. 3.
HIGH 7.6 npm
GHSA-3cgp-3xvw-98x8 · CVE-2025-59057 React Router has XSS Vulnerability
수정: 2026. 2. 3.
HIGH 8.1 npm
GHSA-49rj-9fvp-4h2h · CVE-2026-42211 React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE
수정: 2026. 6. 3.
HIGH 8.0 npm
GHSA-8646-j5j9-6r62 · CVE-2026-33245 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
수정: 2026. 6. 3.
HIGH 8.2 npm
GHSA-8v8x-cx79-35w7 · CVE-2026-21884 React Router SSR XSS in ScrollRestoration
수정: 2026. 2. 3.
HIGH 7.5 npm
GHSA-8x6r-g9mw-2r78 · CVE-2026-42342 React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint
수정: 2026. 6. 8.
MEDIUM 6.5 npm
GHSA-9jcx-v3wj-wh4m · CVE-2025-68470 React Router has unexpected external redirect via untrusted paths
수정: 2026. 2. 3.
HIGH 8.2 npm
GHSA-cpj6-fhp6-mr6j · CVE-2025-43865 React Router allows pre-render data spoofing on React-Router framework mode
수정: 2026. 2. 3.
MEDIUM 5.4 npm
GHSA-f22v-gfqf-p8f3 · CVE-2026-33244 React Router has stored XSS via unescaped Location header in prerendered redirect HTML
수정: 2026. 6. 3.
HIGH 7.5 npm
GHSA-f46r-rw29-r322 · CVE-2025-43864 React Router allows a DoS via cache poisoning by forcing SPA mode
수정: 2025. 4. 25.
MEDIUM 6.5 npm
GHSA-h5cw-625j-3rxh · CVE-2026-22030 React Router has CSRF issue in Action/Server Action Request Processing
수정: 2026. 2. 3.
HIGH 7.5 npm
GHSA-rxv8-25v2-qmq8 · CVE-2026-34077 React Router vulnerable to Denial of Service via reflected user input in single-fetch
수정: 2026. 6. 4.