CVE-2025-55008

by Fred · 09/08/2025

The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. This issue is fixed in version 0.7.0.

Assigner : security-advisories@github.com

More information : https://github.com/workos/authkit-react-router/commit/607caac658784962bab76e227f9c5820d0b9a9e5

CVE-2025-55008

Similar

Recent Posts

Categories

CVE-2025-55008

Share this:

Similar

Recent Posts

Categories

Tags