VYPR

npm package

@remix-run/react

pkg:npm/%40remix-run/react

Vulnerabilities (2)

  • CVE-2026-21884Jan 10, 2026
    affected < 2.17.3fixed 2.17.3

    React Router is a router for React. In @remix-run/react version prior to 2.17.3. and react-router 7.0.0 through 7.11.0, a XSS vulnerability exists in in React Router's API in Framework Mode when using the getKey/storageKey props during Server-Side Rendering wh

  • CVE-2025-59057Jan 10, 2026
    affected >= 1.15.0, < 2.17.1fixed 2.17.1

    React Router is a router for React. In @remix-run/react versions 1.15.0 through 2.17.0. and react-router versions 7.0.0 through 7.8.2, a XSS vulnerability exists in in React Router's meta()/ APIs in Framework Mode when generating script:ld+json tags which could allow arbitr