{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:16:48.167","vulnerabilities":[{"cve":{"id":"CVE-2025-68470","sourceIdentifier":"security-advisories@github.com","published":"2026-01-10T03:15:48.477","lastModified":"2026-01-30T18:20:54.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a React Router application navigates to it via navigate(), <Link>, or redirect(), the app performs a navigation/redirect to an external URL. This is only an issue if you are passing untrusted content into navigation paths in your application code. This issue has been patched in versions 6.30.2 and 7.9.6."},{"lang":"es","value":"React Router es un router para React. En las versiones 6.0.0 a 6.30.1 y 7.0.0 a 7.9.5, una ruta proporcionada por un atacante puede ser diseñada de modo que cuando una aplicación de React Router navega a ella a través de navigate(), , o redirect(), la aplicación realiza una navegación/redirección a una URL externa. Esto es solo un problema si está pasando contenido no confiable a rutas de navegación en el código de su aplicación. Este problema ha sido parcheado en las versiones 6.30.2 y 7.9.6."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shopify:react-router:*:*:*:*:*:node.js:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.30.1","matchCriteriaId":"FFF65931-3D66-4739-BFC7-9632E04CFBD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:shopify:react-router:*:*:*:*:*:node.js:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.9.5","matchCriteriaId":"7460DDBE-CAD6-4AD1-A8CF-334FBB977ABE"}]}]}],"references":[{"url":"https://github.com/remix-run/react-router/security/advisories/GHSA-9jcx-v3wj-wh4m","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}}]}