Declarative routing for React
97%
Total Score
100
97
91
100
100
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2026-740941 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. react-router is vulnerable to Deserialization of Untrusted Data in versions 7.0.0 - 7.17.0. | 7.0.0 - 7.17.0 | Medium |
AIKIDO-2026-274519 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. react-router is vulnerable to Cross-Site Request Forgery (CSRF) in versions 7.12.0 - 7.17.0. | 7.12.0 - 7.17.0 | Medium |
CVE-2026-53663 react-router is vulnerable to Cross-Site Request Forgery (CSRF) in versions 7.12.0 - 7.15.1. | 7.12.0 - 7.15.1 | Low |
CVE-2026-34077 react-router is vulnerable to Allocation of Resources Without Limits or Throttling in versions 7.0.0 - 7.14.0. | 7.0.0 - 7.14.0 | High |
CVE-2026-42342 react-router is vulnerable to Uncontrolled Resource Consumption in versions 7.0.0 - 7.15.0. | 7.0.0 - 7.15.0 | High |
| Dependency | Last Release | Score |
|---|---|---|
cookie-es Version ^3.1.1 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant