Product
shopify react router
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-42342
CVE-2026-42211
CVE-2026-40181
CVE-2026-34077
CVE-2026-33245
CVE-2026-33244
CVE-2026-22030
CVE-2026-22029
CVE-2026-21884
CVE-2025-68470
CVE-2025-59057
>= 7.0.0 and < 7.15.0
React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-
>= 7.0.0 and < 7.14.2
React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could pote
>= 6.7.0 and < 6.30.4
React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, certain URLs passed to the redirect
>= 7.0.0 and < 7.14.0
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (
>= 7.7.0 and < 7.13.2
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (
>= 7.5.1 and < 7.13.2
React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improp
>= 7.0.0 and <= 7.11.0
React Router is a router for React. In @remix-run/server-runtime version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, R
>= 7.0.0 and <= 7.11.0
React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Rout
>= 7.0.0 and <= 7.11.0
React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vuln
>= 6.0.0 and <= 6.30.1
React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be cra
>= 7.0.0 and <= 7.8.2
React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.