CVE-2025-55009 Information

Aug 10, 2025 cve

Description

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning them from the authkitLoader. This caused them to be rendered into the browser HTML.

Reference

https://github.com/workos/authkit-remix/commit/20102afc74bf3dd5150a975a098067fb406b90b6 https://github.com/workos/authkit-remix/releases/tag/v0.15.0 https://github.com/workos/authkit-remix/security/advisories/GHSA-v3gr-w9gf-23cx

CNNVD-202508-816 (Published: 2025-08-09)

Share on:

CVE-2025-55009 Information

Description

Reference

Related CNNVD