Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|
| CVE-2026-55500 | 9.9 CRITICAL | 9router: Exposure of Sensitive Information and Unprotected Database Import/Export Allows C |
| CVE-2026-56675 | 8.3 HIGH | 9router: Reverse proxy locality collapse allows unauthenticated access to 9router /v1 APIs |
| CVE-2026-55641 | 8.2 HIGH | 9router: Unauthenticated `/v1` proxy access via `Host`-header spoofing → open AI relay + S |
| CVE-2026-56676 | 7.4 HIGH | 9router: Image prefetch DNS rebinding allows SSRF to internal services |
| CVE-2026-55501 | 7.3 HIGH | 9router: Login brute-force protection bypass via spoofed X-Forwarded-For header |
No comments yet