CVE-2026-21884 | remix-run react-router API getKey/storageKey cross site scripting (GHSA-8v8x-cx79-35w7)

A vulnerability, which was classified as problematic, has been found in remix-run react-router. This affects an unknown function of the component API. Performing a manipulation of the argument getKey/storageKey results in cross site scripting.

This vulnerability is known as CVE-2026-21884. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More