Search for packages
| purl | pkg:npm/react-router@6.26.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2bdv-sysu-ryef
Aliases: CVE-2025-68470 GHSA-9jcx-v3wj-wh4m |
React Router has unexpected external redirect via untrusted paths An attacker-supplied path can be crafted so that when a React Router application navigates to it via `navigate()`, `<Link>`, or `redirect()`, the app performs a navigation/redirect to an external URL. This is only an issue if developers pass untrusted content into navigation paths in their application code. |
Affected by 0 other vulnerabilities. Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-29T22:49:09.059387+00:00 | GitLab Importer | Affected by | VCID-2bdv-sysu-ryef | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml | 38.5.0 |
| 2026-04-17T00:06:33.597724+00:00 | GitLab Importer | Affected by | VCID-2bdv-sysu-ryef | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml | 38.4.0 |
| 2026-04-12T01:29:55.310768+00:00 | GitLab Importer | Affected by | VCID-2bdv-sysu-ryef | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml | 38.3.0 |
| 2026-04-03T01:38:41.042426+00:00 | GitLab Importer | Affected by | VCID-2bdv-sysu-ryef | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/react-router/CVE-2025-68470.yml | 38.1.0 |