diff --git a/advisories/github-reviewed/2026/06/GHSA-2j2x-hqr9-3h42/GHSA-2j2x-hqr9-3h42.json b/advisories/github-reviewed/2026/06/GHSA-2j2x-hqr9-3h42/GHSA-2j2x-hqr9-3h42.json index b44c80edd4448..08699c386e369 100644 --- a/advisories/github-reviewed/2026/06/GHSA-2j2x-hqr9-3h42/GHSA-2j2x-hqr9-3h42.json +++ b/advisories/github-reviewed/2026/06/GHSA-2j2x-hqr9-3h42/GHSA-2j2x-hqr9-3h42.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-2j2x-hqr9-3h42", - "modified": "2026-06-03T20:58:01Z", + "modified": "2026-06-03T20:58:02Z", "published": "2026-06-03T20:58:01Z", "aliases": [ "CVE-2026-40181" @@ -11,43 +11,24 @@ "severity": [ { "type": "CVSS_V4", - "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" + "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N" } ], "affected": [ { "package": { "ecosystem": "npm", - "name": "react-router" + "name": "router" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { - "introduced": "7.0.0" + "introduced": "0" }, { - "fixed": "7.14.1" - } - ] - } - ] - }, - { - "package": { - "ecosystem": "npm", - "name": "react-router" - }, - "ranges": [ - { - "type": "ECOSYSTEM", - "events": [ - { - "introduced": "6.7.0" - }, - { - "fixed": "6.30.4" + "fixed": "1.23.3" } ] } @@ -63,6 +44,10 @@ "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40181" }, + { + "type": "WEB", + "url": "https://github.com/remix-run/react-router/commit/d77f6b1db8202e2160098432df349dbed118c948" + }, { "type": "PACKAGE", "url": "https://github.com/remix-run/react-router" @@ -72,7 +57,7 @@ "cwe_ids": [ "CWE-601" ], - "severity": "MODERATE", + "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2026-06-03T20:58:01Z", "nvd_published_at": "2026-06-02T20:16:35Z"