{"vulnerability": "cve-2026-46339", "sightings": [{"uuid": "bd6f372c-a933-4319-b6df-f755fb5034fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46339", "type": "published-proof-of-concept", "source": "https://github.com/decolua/9router/security/advisories/GHSA-fhh6-4qxv-rpqj", "content": "", "creation_timestamp": "2026-05-13T13:15:48.000000Z"}, {"uuid": "97f2a303-9e0e-427c-8b69-012c7af545f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-46339.yaml", "content": "", "creation_timestamp": "2026-07-15T06:00:04.825296Z"}, {"uuid": "86ae5892-b393-43ee-ad7f-fd309da4260f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqpq2aalhz2a", "content": "CVE-2026-46339 - 9router\nThe 9router software exposes unauthenticated API endpoints that can be used to execute arbitrary OS commands without any prerequisites or credentials. This vulnerability exists\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #npm #CVE #infosec", "creation_timestamp": "2026-07-15T22:04:04.465509Z"}, {"uuid": "af0df7d4-e2a3-44fd-8bdd-62e3505582c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-46339.yaml", "content": "", "creation_timestamp": "2026-07-16T00:00:03.619820Z"}, {"uuid": "44111896-18b3-46c2-a90b-945d312fea4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46339", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqq23ub7dj2e", "content": "CVE-2026-46339 - 9Router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes\nCVE ID : CVE-2026-46339\n \n Published : July 15, 2026, 9:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : 9Router is an AI router &amp; token saver. From 0.4.30 until 0.4.3...", "creation_timestamp": "2026-07-16T01:03:56.409644Z"}, {"uuid": "32d87a3d-f322-45b1-88ae-3bb3fad0e471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46339", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116927419172028216", "content": "CRITICAL: CVE-2026-46339 impacts decolua 9Router (&lt;0.4.37). OS command injection via exposed API lets unauth attackers gain full control. Patch to 0.4.37 now! https://radar.offseq.com/threat/cve-2026-46339-cwe-78-improper-neutralization-of-s-96ae550cea593bb1 #OffSeq #CVE202646339 #infosec #security", "creation_timestamp": "2026-07-16T03:00:25.538953Z"}, {"uuid": "83a23b17-be05-488f-9182-aed74e0788f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46339", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqqam6zeky26", "content": "CVE-2026-46339 in decolua 9Router (&lt;0.4.37): CRITICAL OS command injection lets unauthenticated attackers fully compromise systems. Upgrade to 0.4.37 now. https://radar.offseq.com/threat/cve-2026-46339-cwe-78-improper-neutralization-of-s-96ae550cea593bb1 #OffSeq #CVE #security", "creation_timestamp": "2026-07-16T03:00:27.443537Z"}]}