{"vulnerability": "CVE-2026-62327", "sightings": [{"uuid": "82c37dbb-f8a2-4555-86f6-1529212d0a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62327", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqkogyu3uw2v", "content": "CVE-2026-62327 - 9router\nThe 9Router software up to version 0.4.41 allows anyone to access sensitive API keys for connected AI services without needing a password. This is a serious issue because attackers\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#9router #decolua #CVE #infosec", "creation_timestamp": "2026-07-13T21:52:06.517905Z"}, {"uuid": "0a192d44-d4d6-47ef-ad68-09340a96cd09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-62327", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqkslpine22x", "content": "CVE-2026-62327 - 9Router 0.4.41 - Unauthenticated API Key Exposure via /api/usage/stats\nCVE ID : CVE-2026-62327\n \n Published : July 13, 2026, 9:37 p.m. | 14\u00a0minutes ago\n \n Description : 9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerabil...", "creation_timestamp": "2026-07-13T23:06:19.801872Z"}, {"uuid": "e391303e-6377-4dcc-a5c2-d2c751a5728b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-62327", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116915387588740902", "content": "CVE-2026-62327 (CRITICAL): decolua 9Router \u22640.4.41 exposes plaintext API keys &amp; usage stats via unauthenticated /api/usage/stats. No patch yet \u2014 restrict access or add auth controls. Details: https://radar.offseq.com/threat/cve-2026-62327-missing-authentication-for-critical-4c8f1eac7b8172c7 #OffSeq #CVE #APIsecurity #Vuln", "creation_timestamp": "2026-07-14T00:00:38.703535Z"}, {"uuid": "5ba22fe6-b6cd-4086-9c43-b3ba53ae21c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-62327", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqkvmuflp22f", "content": "decolua 9Router \u22640.4.41 has a CRITICAL flaw: unauthenticated access to /api/usage/stats leaks all connected AI API keys &amp; usage. Restrict endpoint or add authentication ASAP. https://radar.offseq.com/threat/cve-2026-62327-missing-authentication-for-critical-4c8f1eac7b8172c7 #OffSeq #CVE #APIsecurity", "creation_timestamp": "2026-07-14T00:00:40.472306Z"}]}