Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

react-router

Ecosystem:
npm
Package URL:
pkg:npm/react-router
Total PRs:
9,124 Dependabot PRs
Latest PR:
about 13 hours ago
Unique Repositories:
3,882 repositories
Unique Repos (30 days):
216 repositories
Security Advisories
React Router vulnerable to XSS via Open Redirects
GHSA-2w69-qvjg-hvjx CVE-2026-22029 HIGH published 5 months ago • updated about 13 hours ago
React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in [Framework Mode](https://reactrouter.com/start/...
React Router has stored XSS via unescaped Location header in prerendered redirect HTML
GHSA-f22v-gfqf-p8f3 CVE-2026-33244 MODERATE published 7 days ago • updated 5 days ago
When using React Router v7 [Framework Mode](https://reactrouter.com/start/modes#framework) with [Pre-rendering](https://reactrouter.com/how-to/pre-...
React Router has XSS Vulnerability
GHSA-3cgp-3xvw-98x8 CVE-2025-59057 HIGH published 5 months ago • updated 1 day ago
A XSS vulnerability exists in in React Router's `meta()`/`<Meta>` APIs in [Framework Mode](https://reactrouter.com/start/modes#framework) when gene...
React Router allows pre-render data spoofing on React-Router framework mode
GHSA-cpj6-fhp6-mr6j CVE-2025-43865 HIGH published about 1 year ago • updated 6 days ago
## Summary After some research, it turns out that it's possible to modify pre-rendered data by adding a header to the request. This allows to compl...
React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint
GHSA-8x6r-g9mw-2r78 CVE-2026-42342 HIGH published 7 days ago • updated 1 day ago
There exists a potential DOS attack vector in React Router Framework Mode applications (as well as Remix v2.10.0 - 2.17.4). Certain requests can b...
View all 13 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
chore(deps): bump the npm_and_yarn group across 1 directory with 3 updates

Dev-moe-kyawaung/firebaseui-web #4

6.30.1 → 6.30.4 Patch PR
Open 1 day ago 3 comments
Dev-moe-kyawaung
chore(deps): bump react-router and react-router-dom in /web

Paulo-Marcos-Lucio/pix-automatico-reference #20

6.30.3 → 6.30.4 Patch PR
Closed 6 days ago 2 comments
Paulo-Marcos-Lucio
chore(deps): bump react-router from 6.30.3 to 6.30.4 in the npm_and_yarn group across 1 directory

3000Studios/referrals-live #3

6.30.3 → 6.30.4 Patch PR
Closed 6 days ago 2 comments
3000Studios
chore(deps): bump react-router and react-router-dom in /frontend

kr1shnasomani/lexora #24

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 1 comment
kr1shnasomani
chore(deps): bump react-router and react-router-dom in /apps/site

mafhper/mark-lee #56

6.30.3 → 6.30.4 Patch PR
Closed 6 days ago 2 comments
mafhper
chore(deps): bump react-router and react-router-dom

farion1231/cc-switch-website #24

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 1 comment
farion1231
chore(deps): bump react-router and react-router-dom in /sites/mcc-cal-admin

McCal-Codes/McCals-Website #113

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 3 comments
McCal-Codes
chore(deps): bump react-router and react-router-dom

appKom/Autobank-frontend #134

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 1 comment
appKom
Bump react-router and react-router-dom in /client

CloudReactor/task_manager #123

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 5 comments
CloudReactor
Bump react-router and react-router-dom in /_backups/ideasearchlab_2026-03-31_02-24_dark-mode-working

konstantinosStouras/konstantinosStouras.github.io #71

6.30.3 → 6.30.4 Patch PR
Closed 6 days ago 1 comment
konstantinosStouras
chore(deps): bump react-router from 6.30.3 to 6.30.4 in /workspaces/tech-insights

backstage/community-plugins #9413

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 1 comment
backstage
deps(js): bump react-router and react-router-dom in /shuttlescope

MasayukiTa/shuttle-scope #82

6.30.3 → 6.30.4 Patch PR
Closed 6 days ago 1 comment
MasayukiTa
Bump the npm_and_yarn group across 2 directories with 1 update

Abhishek-yadav04/AgisFL #40

6.30.3 → 6.30.4 Patch PR
Closed 6 days ago 1 comment
Abhishek-yadav04
Bump react-router from 6.30.3 to 6.30.4 in the security group across 1 directory

Photon-Health/client #2712

6.30.3 → 6.30.4 Patch PR
Open 6 days ago 1 comment
Photon-Health
chore(deps): bump the npm_and_yarn group across 1 directory with 3 updates

Dev-moe-kyawaung/firebaseui-web #3

6.30.1 → 6.30.4 Patch PR
Open 7 days ago 2 comments
Dev-moe-kyawaung
chore(deps): bump the npm_and_yarn group across 1 directory with 3 updates

Dev-moe-kyawaung/firebaseui-web #2

6.30.1 → 6.30.2 Patch PR
Open 9 days ago 1 comment
Dev-moe-kyawaung
chore(deps): bump the minor-and-patch group across 1 directory with 8 updates

navikt/sokos-up-oppdragsinfo #479

7.15.0 → 7.15.1 Patch PR
Closed 15 days ago 2 comments
navikt
style(deps): bump the awesome-dependencies group across 1 directory with 22 updates

yamada-ui/yamada-ui #7662

7.15.0 → 7.15.1 Patch PR
Open 16 days ago 2 comments
yamada-ui
Bump the npm_and_yarn group across 1 directory with 14 updates

bobvarkey/diabetes-buddy #6

6.30.1 → 6.30.3 Patch PR
Open 16 days ago 1 comment
bobvarkey
chore(deps): bump the frontend-minor-patch group across 1 directory with 9 updates

Ediwow110/ProjTrack-Official #48

7.15.0 → 7.15.1 Patch PR
Open 17 days ago 3 comments
Ediwow110
chore(deps): Bump the minor-and-patch group across 1 directory with 37 updates

DolasDev/pegasus #143

7.15.0 → 7.15.1 Patch PR
Closed 17 days ago 1 comment
DolasDev
build(deps): bump the npm_and_yarn group across 1 directory with 11 updates

support371/whimsy-trade-bot #1

6.30.1 → 6.30.3 Patch PR
Open 18 days ago 2 comments
support371
chore(deps): bump the dependencies group with 32 updates

tekbreed/tekmemo #13

7.15.0 → 7.15.1 Patch PR
Open 18 days ago 1 comment
tekbreed
build(deps): bump the workspace-minor-patch group across 1 directory with 35 updates

knoxio/pops #2659

7.15.0 → 7.15.1 Patch PR
Closed 18 days ago 1 comment
knoxio
chore(deps): bump the npm_and_yarn group across 5 directories with 13 updates

bobvarkey/health-insights-hub #1

6.30.1 → 6.30.3 Patch PR
Closed 21 days ago 1 comment
bobvarkey
chore(deps): Bump react-router from 7.15.0 to 7.15.1

JeffryL/ggz-medplum-react-nlcore #101

7.15.0 → 7.15.1 Patch PR
Closed 22 days ago 2 comments
JeffryL
deps(js): bump the npm-minor-patch group in /frontend with 18 updates

Blb3D/filaops #613

7.15.0 → 7.15.1 Patch PR
Closed 23 days ago 2 comments
Blb3D
deps(npm): bump the patch-and-minor group with 35 updates

hu553in/vrubel-museum-exhibitions #98

7.15.0 → 7.15.1 Patch PR
Open 24 days ago 1 comment
hu553in
Build(deps): Bump the minor-and-patch group with 12 updates

t3rr11/Requesto #79

7.15.0 → 7.15.1 Patch PR
Closed 24 days ago 1 comment
t3rr11
build(deps): bump react-router and react-router-dom in /neural_care_hub_main

ShAuRyA-Noodle/NEURAMED-AI-Healthcare-System #25

6.30.1 → 6.30.3 Patch PR
Closed 25 days ago 1 comment
ShAuRyA-Noodle
chore(deps): bump react-router from 7.15.0 to 7.15.1 in the patch-updates group

STARTcloud/patchpanel #5

7.15.0 → 7.15.1 Patch PR
Closed 25 days ago 3 comments
STARTcloud
chore: bump the production-dependencies group across 1 directory with 12 updates

mengxi-ream/read-frog #1526

7.15.0 → 7.15.1 Patch PR
Open 25 days ago 1 comment
mengxi-ream
Bump react-router from 7.15.0 to 7.15.1

shlinkio/shlink-web-client #1885

7.15.0 → 7.15.1 Patch PR
Closed 25 days ago 1 comment
shlinkio
[bot] Bump the production group with 6 updates

arinaldi/pa-rr #19

7.15.0 → 7.15.1 Patch PR
Open 25 days ago 2 comments
arinaldi
Bump the npm_and_yarn group across 1 directory with 13 updates

jamesbroadmore/carterscare-v2.1 #1

6.30.1 → 6.30.3 Patch PR
Open 25 days ago 1 comment
jamesbroadmore
deps(deps): bump the minor-and-patch group across 1 directory with 29 updates

kjfsm/notion-headless-cms #272

7.15.0 → 7.15.1 Patch PR
Closed 26 days ago 5 comments
kjfsm
chore(deps): bump react-router from 7.15.0 to 7.15.1

recharts/recharts #7333

7.15.0 → 7.15.1 Patch PR
Closed 26 days ago 1 comment
recharts
Bump react-router from 7.15.0 to 7.15.1

striae-org/striae #889

7.15.0 → 7.15.1 Patch PR
Closed 26 days ago 2 comments
striae-org
Bump react-router from 7.15.0 to 7.15.1

kamkie/demo-cra #1615

7.15.0 → 7.15.1 Patch PR
Closed 26 days ago 1 comment
kamkie
Bump react-router from 7.15.0 to 7.15.1 in /ratatoskr.web.frontend/src/main/frontend

steinarb/ratatoskr #161

7.15.0 → 7.15.1 Patch PR
Open 27 days ago 1 comment
steinarb
chore(deps): bump the npm-minor-patch group with 4 updates

gitnotifier-labs/ateliermojis #25

7.15.0 → 7.15.1 Patch PR
Closed 27 days ago 2 comments
gitnotifier-labs
build(deps): bump the npm_and_yarn group across 1 directory with 12 updates

illy78/pink-test-buddy #1

6.30.1 → 6.30.3 Patch PR
Closed about 1 month ago 1 comment
illy78
Bump the npm_and_yarn group across 1 directory with 14 updates

Tech-gamer279/bloxdaieditor #22

6.30.1 → 6.30.3 Patch PR
Open about 1 month ago 1 comment
Tech-gamer279
chore(deps-dev): bump react-router from 7.14.1 to 7.14.2

betagouv/maestro #890

7.14.1 → 7.14.2 Patch PR
Closed about 1 month ago 1 comment
betagouv
Bump react-router from 7.14.1 to 7.14.2

BIBSYSDEV/NVA-Frontend #8447

7.14.1 → 7.14.2 Patch PR
Open about 1 month ago 1 comment
BIBSYSDEV
chore(deps): bump the production-dependencies group across 1 directory with 19 updates

YanYuCloudCube/YYC3-Family-AI #26

7.14.0 → 7.14.2 Patch PR
Open about 1 month ago 4 comments
YanYuCloudCube
chore(deps)(deps): bump the minor-and-patch group across 1 directory with 14 updates

yoshitetsu/muscle-tracker #7

7.14.0 → 7.14.2 Patch PR
Closed about 1 month ago 2 comments
yoshitetsu
build(deps): bump the npm_and_yarn group across 1 directory with 14 updates

support371/gem-enterprise #87

6.30.1 → 6.30.3 Patch PR
Open about 1 month ago 4 comments
support371
build(deps): bump the awesome-dependencies group across 1 directory with 17 updates

yamada-ui/yamada-ui #7137

7.14.1 → 7.14.2 Patch PR
Open about 1 month ago 2 comments
yamada-ui
chore(deps): bump the minor-and-patch group across 1 directory with 28 updates

LoopDevs/Loop #1315

7.14.1 → 7.14.2 Patch PR
Open about 1 month ago 2 comments
LoopDevs
Package Details
Name: react-router
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/react-router
JSON API: View JSON
Security Advisories

13

Active advisories
HIGH 9
MODERATE 4
View All npm Advisories
Package Information
Description:

Declarative routing for React

Repository: https://github.com/remix-run/react-router
Homepage: https://github.com/remix-run/react-router
Latest Release: 7.0.1
over 1 year ago
Dependent Repos: 1,472,795
Dependent Packages: 10,588
Downloads: 47,668,165
Ranking: Top 0.0241% by dependent repos Top 0.0372% by downloads Top 0.0093% by dependent pkgs
PR Status
Open 4,082 (44.7%)
Merged 1,176 (12.9%)
Closed 3,083 (33.8%)
PR Types
Major 817 (9.0%)
Minor 5,204 (57.0%)
Patch 2,157 (23.6%)
Removal 145 (1.6%)