{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T23:11:03.479","vulnerabilities":[{"cve":{"id":"CVE-2025-55008","sourceIdentifier":"security-advisories@github.com","published":"2025-08-09T03:15:47.327","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. This issue is fixed in version 0.7.0."},{"lang":"es","value":"La librería AuthKit para React Router 7+ proporciona ayudantes para la autenticación y la gestión de sesiones mediante WorkOS y AuthKit con React Router. En las versiones 0.6.1 y anteriores, @workos-inc/authkit-react-router exponía artefactos de autenticación sensibles, en concreto, sealedSession y accessToken, al devolverlos desde authkitLoader. Esto provocaba que se renderizaran en el HTML del navegador. Este problema se ha corregido en la versión 0.7.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":5.5}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://github.com/workos/authkit-react-router/commit/607caac658784962bab76e227f9c5820d0b9a9e5","source":"security-advisories@github.com"},{"url":"https://github.com/workos/authkit-react-router/releases/tag/v0.7.0","source":"security-advisories@github.com"},{"url":"https://github.com/workos/authkit-react-router/security/advisories/GHSA-vqvc-9q8x-vmq6","source":"security-advisories@github.com"}]}}]}