Bug 2484112 (CVE-2026-40181) - CVE-2026-40181 react-router: React Router: Open redirect vulnerability via specially crafted URLs
Summary: CVE-2026-40181 react-router: React Router: Open redirect vulnerability via sp...
Keywords:
Status: NEW
Alias: CVE-2026-40181
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2489753 2489757 2489758 2489754 2489755 2489756 2489759 2489760
Blocks:
Reported: 2026-06-02 20:02 UTC by OSIDB Bzimport
Modified: 2026-06-18 18:40 UTC
CC List: 178 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Description OSIDB Bzimport 2026-06-02 20:02:19 UTC
React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, certain URLs passed to the redirect function can trigger an open redirect to an external domain due to path values starting with // being reinterpreted as protocol-relative URLs. The level of impact depends on the validation done by the application prior to returning the redirect. This does not impact applications using Declarative Mode (<BrowserRouter>). This is patched in versions 7.14.1 and 6.30.4.
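
The application-side validation the description refers to, as an added example (not React Router's code or its patch): a check a loader or action could run on a user-influenced target before passing it to the redirect function. `APP_ORIGIN`, `naiveIsLocal` and `safeRedirectTarget` are hypothetical names, and the origin is a constructed placeholder.

```javascript
// Added example; names and origin are assumptions, not part of React Router.
const APP_ORIGIN = "https://app.example"; // constructed placeholder origin

// Common but insufficient check: "starts with / means same-site".
// It accepts "//host/path", which a browser resolves as protocol-relative.
function naiveIsLocal(target) {
  return typeof target === "string" && target.startsWith("/");
}

// Stricter check: accept only a single-slash path that still resolves to
// the application's own origin, and return it in normalized form.
function safeRedirectTarget(target, fallback = "/") {
  if (typeof target !== "string") return fallback;
  // Browsers strip tab/newline and treat "\" like "/" in http(s) URLs,
  // so "/\host" or "/<TAB>/host" can also end up pointing off-origin.
  if (/[\u0000-\u001f\u007f\\]/.test(target)) return fallback;
  // Absolute path only; "//host" is a protocol-relative URL, not a path.
  if (!target.startsWith("/") || target.startsWith("//")) return fallback;
  let resolved;
  try {
    resolved = new URL(target, APP_ORIGIN);
  } catch {
    return fallback;
  }
  if (resolved.origin !== APP_ORIGIN) return fallback;
  const normalized = resolved.pathname + resolved.search + resolved.hash;
  // Dot-segment removal can leave a leading "//" (e.g. "/a/../..//host"),
  // so re-check the normalized value before it is used as a Location.
  if (normalized.startsWith("//")) return fallback;
  return normalized;
}
```

Upgrading to the patched versions named above remains the fix; a check like this limits what reaches the redirect call in the first place.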

Comment 2 David Hanina 2026-06-03 06:49:04 UTC
As FreeIPA goes, we can safely waive this one, as we use Declarative mode, which is not affected.
