ByteOS Network

NVD Vulnerability Details :

CVE-2025-55009

Awaiting Analysis

Source-security-advisories@github.com

Published At-09 Aug, 2025 | 03:15

Updated At-11 Aug, 2025 | 18:32

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning them from the authkitLoader. This caused them to be rendered into the browser HTML.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.1	HIGH	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	security-advisories@github.com

References

Hyperlink	Source	Resource
https://github.com/workos/authkit-remix/commit/20102afc74bf3dd5150a975a098067fb406b90b6	security-advisories@github.com	N/A
https://github.com/workos/authkit-remix/releases/tag/v0.15.0	security-advisories@github.com	N/A
https://github.com/workos/authkit-remix/security/advisories/GHSA-v3gr-w9gf-23cx	security-advisories@github.com	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History