heroic-games-launcher-2.18.1-2.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:10069-1 Final 1 1 2026-01-19T00:00:00Z current 2026-01-19T00:00:00Z 2026-01-19T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z heroic-games-launcher-2.18.1-2.1 on GA media These are all security issues fixed in the heroic-games-launcher-2.18.1-2.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2026-10069 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2026-22029/ SUSE CVE CVE-2026-22029 page openSUSE Tumbleweed heroic-games-launcher-2.18.1-2.1 heroic-games-launcher-2.18.1-2.1 as a component of openSUSE Tumbleweed React Router is a router for React. In @remix-run/router version prior to 1.23.2. and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (<BrowserRouter>) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0. CVE-2026-22029 openSUSE Tumbleweed:heroic-games-launcher-2.18.1-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-22029.html CVE-2026-22029 https://bugzilla.suse.com/1256470 SUSE Bug 1256470