{"vulnerability": "cve-2026-49352", "sightings": [{"uuid": "8e330481-1ad0-4eb0-99db-100170fa4b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49352", "type": "published-proof-of-concept", "source": "https://github.com/decolua/9router/security/advisories/GHSA-jphh-m39h-6gwx", "content": "", "creation_timestamp": "2026-07-02T22:35:02.831369Z"}, {"uuid": "688e40cf-0b21-464e-8a79-c2cf38892fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mprk4i62nu2j", "content": "CVE-2026-49352 - 9router\n9router's default secret is hardcoded and publicly known, allowing unauthorized users to access the dashboard and API if the server's JWT secret is not set. This vulnerability\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #npm #CVE #infosec", "creation_timestamp": "2026-07-03T21:58:06.747307Z"}, {"uuid": "62512c32-f0e6-4d16-ab36-1bad46c02e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "https://t.me/GithubRedTeam/92231", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cve-2026-49352-poc\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a covepseng\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Go\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-06 17:51:59\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploitability PoC for CVE-2026-49352 (9router Hardcoded JWT Secret Authentication Bypass)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:10.834247Z"}, {"uuid": "cb565c48-bac1-4db3-a5b3-d6ac9ccafb0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "https://t.me/GithubRedTeam/92231", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cve-2026-49352-poc\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a covepseng\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Go\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-06 17:51:59\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploitability PoC for CVE-2026-49352 (9router Hardcoded JWT Secret Authentication Bypass)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:19.316308Z"}, {"uuid": "ea7a1b6c-efb1-4712-8dbf-5deb62fc2132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/92231", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cve-2026-49352-poc\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a covepseng\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Go\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-06 17:51:59\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploitability PoC for CVE-2026-49352 (9router Hardcoded JWT Secret Authentication Bypass)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:30.933124Z"}, {"uuid": "d57825b5-3f79-4f4e-88b3-f226748bbf2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpxdmptly22", "content": "CVE-2026-49352 - 9Router: Hardcoded Default fallback JWT Secret Allows Authentication Bypass\nCVE ID : CVE-2026-49352\n \n Published : July 15, 2026, 9:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : 9Router is an AI router &amp; token saver. From 0.2.21 until 0.4.44, 9Router u...", "creation_timestamp": "2026-07-16T00:14:35.529076Z"}, {"uuid": "ad089a69-55be-4ae2-ab4a-bc0351eebb41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "Telegram/YXp3PmsKI-RtSlTiFx3LPWyL-Cii7iOu_xJp1uY-0uO5YWA", "content": "", "creation_timestamp": "2026-07-16T19:00:20.411188Z"}, {"uuid": "9996967a-c2c4-488f-b7ec-b92f89ab3d46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "Telegram/G9HreL550hRAFaAR8qW2BMwez1E27QUu1xHndCMIzM5T1KA", "content": "", "creation_timestamp": "2026-07-16T19:00:20.853718Z"}, {"uuid": "5894a685-9860-42c6-940a-20455c7f0e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "Telegram/YXp3PmsKI-RtSlTiFx3LPWyL-Cii7iOu_xJp1uY-0uO5YWA", "content": "", "creation_timestamp": "2026-07-17T00:00:36.800019Z"}, {"uuid": "35fa3678-48f9-41c6-8d5c-eb82af078ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "seen", "source": "Telegram/G9HreL550hRAFaAR8qW2BMwez1E27QUu1xHndCMIzM5T1KA", "content": "", "creation_timestamp": "2026-07-17T00:00:37.260802Z"}, {"uuid": "5ca9677a-1d21-4179-bc74-9bf71f572345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "published-proof-of-concept", "source": "Telegram/G9HreL550hRAFaAR8qW2BMwez1E27QUu1xHndCMIzM5T1KA", "content": "", "creation_timestamp": "2026-07-18T00:00:23.409567Z"}, {"uuid": "d5221ece-ddf8-4d5a-a1f9-366e3746aef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49352", "type": "published-proof-of-concept", "source": "Telegram/YXp3PmsKI-RtSlTiFx3LPWyL-Cii7iOu_xJp1uY-0uO5YWA", "content": "", "creation_timestamp": "2026-07-18T00:00:23.625179Z"}]}