Known vulnerabilities in Remix React Router

Vendor: Remix
Website: https://remix.run/
Total Security Bulletins: 13

Security bulletins (13)

Secuity bulletin Severity Status Published
SB2026061989: Denial of service in React Router Medium
Patched
19.06.2026
SB2026061988: CSRF via PUT/PATCH/DELETE requests in React Router Medium
Patched
19.06.2026
SB2026061987: CSRF in React Router Low
Patched
19.06.2026
SB2026061985: XSS via Meta component in React Router Medium
Patched
19.06.2026
SB2026061982: Path traversal in React Router Medium
Patched
19.06.2026
SB2026061981: Input validation error in React Router Low
Patched
19.06.2026
SB2026061979: Deserialization of Untrusted Data in React Router High
Patched
19.06.2026
SB2026061978: Input validation error in React Router Low
Patched
19.06.2026
SB2026061977: Multiple vulnerabilities in React Router Medium
Patched
19.06.2026
SB2026061962: Resource exhaustion in React Router Medium
Patched
19.06.2026
SB2026040154: XSS in Remix React Router Low
Patched
01.04.2026
SB2026031906: Remote code execution in Remix React and React Router High
Patched
19.03.2026
SB2025040144: Improper input validation in React Router Medium
Patched
01.04.2025