pkg:npm/9router

2 total CVEsCRITICAL1HIGH1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2026-463399router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes
    >= 0.4.30, < 0.4.37
  • HIGH7.3CVE-2026-5842decolua 9router vulnerable to authorization bypass
    from 0, < 0.3.75