PatchSiren cyber security CVE debrief
CVE-2026-62328 decolua CVE debrief
CVE-2026-62328 is an unauthenticated information disclosure vulnerability in 9Router through version 0.4.41. The vulnerability allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation histories, including system prompts, user messages, assistant responses, tool calls, and user email addresses, by querying the request-logs and request-details API routes, which lack authentication middleware.
- Vendor
- decolua
- Product
- 9Router
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-13
- Original CVE updated
- 2026-07-13
- Advisory published
- 2026-07-13
- Advisory updated
- 2026-07-13
Who should care
Users of 9Router through version 0.4.41 should be aware of this vulnerability and take immediate action to protect their systems. This vulnerability is particularly concerning because it allows unauthenticated access to sensitive user data.
Technical summary
The CVE-2026-62328 vulnerability in 9Router through version 0.4.41 is caused by a lack of authentication middleware in the request-logs and request-details API routes. This allows remote attackers to access sensitive user data, including AI conversation histories and user email addresses. Users of 9Router should be aware of this vulnerability and take immediate action to protect their systems. The vulnerability has a CVSS score of 8.7 and a severity rating of HIGH. To mitigate this vulnerability, users should update 9Router to a version that includes authentication middleware for these API routes and implement additional monitoring to detect and respond to potential exploitation attempts.
Defensive priority
High
Recommended defensive actions
- Immediately update 9Router to a version that includes authentication middleware for the request-logs and request-details API routes.
- Implement additional monitoring to detect and respond to potential exploitation attempts.
- Review and update access controls to ensure that sensitive user data is properly protected.
- Consider implementing compensating controls, such as web application firewalls, to help mitigate the vulnerability.
- Review relevant logs for exposed assets that need extra review.
- Track exceptions and retest remediated assets.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
Evidence notes
The CVE-2026-62328 vulnerability was reported by Vulncheck and is described in their advisory. The vulnerability is also described in the NVD detail page. However, the evidence is limited, and further verification is needed to fully understand the scope of the vulnerability.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-13T22:16:52.550Z and has not been modified since then.