CVE-2025-31137
CVSS 3.0 Score 7.5 of 10 (high)
Details
Summary
CVE-2025-31137 is a newly disclosed vulnerability affecting Remix and React Router versions 2 and 7 when they are used with the Express adapter. It lets an attacker manipulate the URL by inserting a malicious pathname in the port section of a URL, which can be sent in a Host or X-Forwarded-Host header. By exploiting this vulnerability, an attacker can potentially gain unauthorized access to protected resources or perform actions on behalf of the user. The issue is fixed in Remix 2.16.3 and React Router 7.4.1, and users are strongly encouraged to update these packages as soon as possible.
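As a defense-in-depth check for the header handling described above, the following added example (not code from Remix, React Router or this advisory) rejects any Host or X-Forwarded-Host value whose port section is not purely numeric. The names `parseHostHeader` and `rejectMalformedHost` are hypothetical, and the hostname grammar is an assumption that may be stricter than some internal naming schemes.

```javascript
// Added example (not project code): strict Host / X-Forwarded-Host validation.
// Assumption: hostnames are DNS-style labels or bracketed IPv6 literals.
const HOSTNAME = /^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*$/i;
const HOST_PORT = /^(\[[0-9a-f:.]+\]|[^:\[\]]+)(?::(.*))?$/i;

// Returns { host, port } for a well-formed value, or null for anything else.
function parseHostHeader(value) {
  if (typeof value !== "string" || value.length === 0 || value.length > 255) return null;
  const m = HOST_PORT.exec(value);
  if (!m) return null;
  const [, host, port] = m;
  if (!host.startsWith("[") && !HOSTNAME.test(host)) return null;
  if (port === undefined) return { host: host.toLowerCase(), port: null };
  // The port section must be digits only, so "/", "?", "#" and "@" can never
  // appear there and be read later as part of a URL.
  if (!/^\d{1,5}$/.test(port)) return null;
  const n = Number(port);
  if (n < 1 || n > 65535) return null;
  return { host: host.toLowerCase(), port: n };
}

// Express-style middleware: answer 400 when either header is malformed.
// X-Forwarded-Host may carry a comma-separated list; every element is checked.
function rejectMalformedHost(req, res, next) {
  for (const name of ["host", "x-forwarded-host"]) {
    const raw = req.headers[name];
    if (raw === undefined) continue;
    const values = String(raw).split(",").map((v) => v.trim());
    if (values.some((v) => parseHostHeader(v) === null)) {
      res.statusCode = 400;
      res.end("Bad Request: malformed host header");
      return;
    }
  }
  next();
}
```

Register it with `app.use(rejectMalformedHost)` ahead of the framework's request handler; it complements, and does not replace, upgrading to the fixed releases.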