CVE-2026-22029
HIGHReact Router < 1.23.2 and 7.0.0-7.11.0 - Cross-Site Scripting via Open Navigation Redirect
Title source: llmDescription
React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (<BrowserRouter>) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.
References (37)
Core 37
Core References
Vendor Advisory x_refsource_confirm
https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:13542
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:13548
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:1517
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:17468
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:17469
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:17474
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:19712
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:20041
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:20042
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2147
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2148
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2149
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:21658
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2350
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2456
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2568
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2572
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:26413
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:26420
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2694
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:3087
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:3782
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:3958
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:3959
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:3960
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:5633
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:5636
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:8218
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:8229
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:9848
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-22029
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2428412
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:36651
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:36882
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:34100
Scores
CVSS v3
8.0
EPSS
0.0077
EPSS Percentile
51.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-79
Status
published
Products (6)
npm/react-router
7.0.0 - 7.12.0npm
remix-run/@remix-run/router
< 1.23.2
remix-run/react-router
>= 7.0.0, < 7.12.0
remix-run/router
0 - 1.23.2npm
shopify/react-router
7.0.0 - 7.11.0
shopify/remix-run\/react
< 1.23.2
Published
Jan 10, 2026
Tracked Since
Feb 18, 2026