CVSS 7.5 HIGH Vulnerability

CVE-2026-42342: React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint

There exists a potential DoS attack vector in React Router Framework Mode applications (as well as Remix v2.10.0 - 2.17.4). Certain requests can be crafted to consume disproportionate resources on the server, resulting in…

CVSS Score: 7.5
Severity: HIGH
CISA KEV: NO
Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-42342
Vendor: npm
Affected Product: react-router
Vulnerability Type: Vulnerability
CVSS Score: 7.5 (HIGH)
Actively Exploited: ❌ No known exploitation
Patch Status: See Vendor Advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

There exists a potential DoS attack vector in React Router Framework Mode applications (as well as Remix v2.10.0 - 2.17.4). Certain requests can be crafted to consume disproportionate resources on the server, resulting in response time degradation and/or service unavailability for end users.

> [!NOTE]
> This does not impact your React Router application if you are using [Declarative Mode](https://reactrouter.com/start/modes#declarative) ( ) or [Data Mode](https://reactrouter.com/start/modes#data) (createBrowserRouter/ ).

🎯 Known Indicators of Compromise

{"type":"url","value":"https://reactrouter.com/start/modes#declarative)","confidence_score":0.82,"first_seen":"2026-06-03","source_count":1}
{"type":"url","value":"https://reactrouter.com/start/modes#data)","confidence_score":0.82,"first_seen":"2026-06-03","source_count":1}
{"type":"domain","value":"reactrouter.com","confidence_score":0.75,"first_seen":"2026-06-03","source_count":1}
