CVE-2026-34077

ADVISORY - github

Summary

A DoS vulnerability exists in the React Router v7 Framework Mode, as well as Remix v2.9.0+ with Single Fetch enabled. In some scenarios the underlying serialization algorithm can become a bottleneck when encoding specific types of data into server responses. Please upgrade to React Router v7.14.0 or later.

[!NOTE] This does not impact your React Router application if you are using Declarative Mode (<BrowserRouter>) or Data Mode (createBrowserRouter/<RouterProvider>).

EPSS Score⁠: 0.0004 (0.123)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - github

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.