shopify
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting shopify.
- CVE-2026-42342React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint7.5
- CVE-2026-42211React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE8.1
- CVE-2026-40181React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation6.1
- CVE-2026-34077React Router vulnerable to Denial of Service via reflected user input in single-fetch7.5
- CVE-2026-33245React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets8.0
- CVE-2026-33244React Router has stored XSS via unescaped Location header in prerendered redirect HTML5.4
- CVE-2026-39862Tophat has a Command Injection Vulnerability When Accessing a Maliciously Crafted Tophat Link8.8
- CVE-2026-34060Ruby LSP has arbitrary code execution through branch setting9.8
- CVE-2026-22030React Router has CSRF issue in Action/Server Action Request Processing6.5
- CVE-2026-22029React Router vulnerable to XSS via Open Redirects8.0
- CVE-2026-21884React Router SSR XSS in ScrollRestoration8.2
- CVE-2025-61686React Router has Path Traversal in File Session Storage9.1
- CVE-2025-59057React Router has XSS Vulnerability7.6
- CVE-2025-68470React Router has unexpected external redirect via untrusted paths6.5
- CVE-2025-48069ejson2env has insufficient input sanitization6.6