Skip to content

Commit 7e3ecb9

Browse files
1 parent 85ef1e6 commit 7e3ecb9

2 files changed

Lines changed: 141 additions & 0 deletions

File tree

Lines changed: 80 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,80 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-8x6r-g9mw-2r78",
4+
"modified": "2026-06-03T21:05:17Z",
5+
"published": "2026-06-03T21:05:17Z",
6+
"aliases": [
7+
"CVE-2026-42342"
8+
],
9+
"summary": "React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint",
10+
"details": "There exists a potential DOS attack vector in React Router Framework Mode applications (as well as Remix v2.10.0 - 2.17.4). Certain requests can be crafted to consume disproportionate resources on the server, resulting in response time degredation and/or service unavailability for end users.\n\n> [!NOTE]\n> This does not impact your React Router application if you are using [Declarative Mode](https://reactrouter.com/start/modes#declarative) (`<BrowserRouter>`) or [Data Mode](https://reactrouter.com/start/modes#data) (`createBrowserRouter`/`<RouterProvider>`).",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "npm",
21+
"name": "react-router"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "7.0.0"
29+
},
30+
{
31+
"fixed": "7.15.0"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "npm",
40+
"name": "@remix-run/server-runtime"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "2.10.0"
48+
},
49+
{
50+
"fixed": "2.17.5"
51+
}
52+
]
53+
}
54+
]
55+
}
56+
],
57+
"references": [
58+
{
59+
"type": "WEB",
60+
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-8x6r-g9mw-2r78"
61+
},
62+
{
63+
"type": "ADVISORY",
64+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42342"
65+
},
66+
{
67+
"type": "PACKAGE",
68+
"url": "https://github.com/remix-run/react-router"
69+
}
70+
],
71+
"database_specific": {
72+
"cwe_ids": [
73+
"CWE-400"
74+
],
75+
"severity": "HIGH",
76+
"github_reviewed": true,
77+
"github_reviewed_at": "2026-06-03T21:05:17Z",
78+
"nvd_published_at": "2026-06-02T20:16:36Z"
79+
}
80+
}
Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-ch57-39q2-4crm",
4+
"modified": "2026-06-03T21:06:27Z",
5+
"published": "2026-06-03T21:06:27Z",
6+
"aliases": [
7+
"CVE-2026-43980"
8+
],
9+
"summary": "malla: Stored XSS via Meshtastic node names in multiple frontend pages",
10+
"details": "Node names (long_name, short_name) received via MQTT are stored in SQLite without sanitization and rendered into the DOM without escaping.\nAny participant on a public Meshtastic MQTT broker can set a malicious node name that executes JavaScript in the browser of every Malla dashboard visitor.\n\nAffected files:\n\n - src/malla/templates/traceroute_graph.html (line ~832)\n - src/malla/templates/map.html (lines ~945, 1078)\n - src/malla/templates/packet_detail.html (lines ~1402, 1452)\n - src/malla/static/js/relay_node_analysis.js (line ~124)\n\nSteps to reproduce\n\n 1. Publish a Meshtastic NODEINFO_APP packet to any public MQTT broker with long_name set to a HTML entity i.e `<img src=x onerror=alert(1)>`\n 2. Wait for malla-capture to store it\n 3. Open the dashboard\n\nImpact\n\nAllows unauthenticated remote attackers to execute arbitrary JavaScript in the browser, such as: \n\n - Phishing overlays\n - Force redirect to malicious websites\n - Injection of arbitrary third-party scripts (no CSP restrictions)\n - Browser resource abuse \n - Persistent dashboard denial of service",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "PyPI",
21+
"name": "malla"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"last_affected": "0.1.7"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/zenitraM/malla/security/advisories/GHSA-ch57-39q2-4crm"
42+
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/zenitraM/malla/commit/4086e2b5f61615a813b70b25bc76095083552135"
46+
},
47+
{
48+
"type": "PACKAGE",
49+
"url": "https://github.com/zenitraM/malla"
50+
}
51+
],
52+
"database_specific": {
53+
"cwe_ids": [
54+
"CWE-79"
55+
],
56+
"severity": "MODERATE",
57+
"github_reviewed": true,
58+
"github_reviewed_at": "2026-06-03T21:06:27Z",
59+
"nvd_published_at": null
60+
}
61+
}

0 commit comments

Comments
 (0)