CVE-2026-55638: CWE-862: Missing Authorization in decolua 9router
9Router is an AI router & token saver. Prior to 0.5.2, 9router protects /v1, /v1beta, /api/v1, and /api/v1beta in src/dashboardGuard.js but omits /codex before next.config.mjs rewrites /codex/* to…
Read the full article5h agoen
You might also wanna read

WAF - WAF Release - 2026-05-07 - Emergency
This emergency release introduces a new rule to detect Next.js App Router middleware and proxy bypass attempts via segment-prefetch routes (
Cloudflare·2mo ago
Critical Undocumented Authentication Backdoor Found in Multiple Tenda Router Firmware Versions (CVE-2026-11405)
Tenda firmware (multiple versions) contains hidden authentication backdoor
CVE-2026-48800 Bypass: Path Traversal Vulnerability Discovered in Notepad++ v8.9.6.1
## Vulnerability Summary **Product**: Notepad++ v8.9.6.1 (latest patched version) **Type**: CWE-42 (Path Traversal) / CWE-59 (Improper Link
Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8562
A look at how Kubernetes CVE-2020-8562 allows attackers to bypass API server proxy protections using DNS rebinding
Datadog·3mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.