{"vulnerability": "cve-2026-59801", "sightings": [{"uuid": "a466c399-18c6-47d9-b655-4b87803ba99f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkogxhj652r", "content": "CVE-2026-59801 - 9router\nAn attacker can access and manipulate provider connections without a password, potentially exposing sensitive information and disrupting service. This vulnerability affects 9Router\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #CVE #infosec", "creation_timestamp": "2026-07-13T21:52:05.263959Z"}, {"uuid": "c0fe6955-a976-4527-a426-20ca8615959b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkseylc7w2t", "content": "CVE-2026-59801 - 9Router 0.4.41 - Unauthenticated API Exposure via /api/providers\nCVE ID : CVE-2026-59801\n \n Published : July 13, 2026, 9:30 p.m. | 22\u00a0minutes ago\n \n Description : 9Router through version 0.4.41 contains an unauthenticated access vulnerability that allows remot...", "creation_timestamp": "2026-07-13T23:02:34.144766Z"}, {"uuid": "284c00b0-d163-48b0-9bc0-4f72c41f5937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-59801", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116916802474100215", "content": "decolua 9Router &lt;=0.4.41 hit by CVE-2026-59801 (CRITICAL): Missing authentication on provider APIs lets remote attackers control connections, steal creds, or disrupt service. Restrict access &amp; monitor now. https://radar.offseq.com/threat/cve-2026-59801-missing-authentication-for-critical-0c4298ad3568d21f #OffSeq #infosec #CVE #routersecurity", "creation_timestamp": "2026-07-14T06:00:27.808773Z"}, {"uuid": "82eb707c-4357-4afa-88c2-c086dd54368e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-59801", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqljqbutrq23", "content": "decolua 9Router (&lt;=0.4.41) faces CRITICAL CVE-2026-59801: Unauthenticated API access lets attackers steal creds, redirect AI traffic, or delete connections. Restrict endpoints &amp; monitor activity. https://radar.offseq.com/threat/cve-2026-59801-missing-authentication-for-critical-0c4298ad3568d21f #...", "creation_timestamp": "2026-07-14T06:00:29.501993Z"}, {"uuid": "4fbf825c-d1a8-48ad-a95f-b8eb974fc751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59801", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-59801.yaml", "content": "", "creation_timestamp": "2026-07-15T09:00:03.629156Z"}]}