Security Advisory

CVE-2025-55008

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-09 02:02:14

Last updated 2025-08-11 14:33:33

Assigner GitHub_M

State PUBLISHED

Description

The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. This issue is fixed in version 0.7.0.

← Browse all CVEs View on cve.org ↗