Overview · decolua/9router · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Missing Authorization and Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in 9router
GHSA-g6g7-pvmx-m74p published May 29, 2026 by decolua

Critical
Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes
GHSA-fhh6-4qxv-rpqj published May 13, 2026 by decolua

Critical

Learn more about advisories related to decolua/9router in the GitHub Advisory Database