A vulnerability was found in remix-run react-router up to 6.30.3/7.14.0 . It has been declared as problematic . The affected element is the function redirect of the component Relative URL Handler . Such manipulation leads to open redirect. This vulnerability is documented as CVE-2026-40181 . The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.