Vulnerability  ·  2026-07-11

9Router — Unauthenticated Full Database Export/Import via /api/settings/database (CVSS 9.9)

VulnerabilityHigh impactGlobalCVE-2026-55500
9Router, a self-hosted AI router/token-saver proxy sitting in front of LLM APIs, exposed /api/settings/database allowing full database export (containing all credentials, API keys, OAuth tokens, and settings) and full database import/overwrite without any authentication beyond an easily-bypassed ALWAYS_PROTECTED check. Fixed in 0.4.80.
9Router proxies traffic to numerous downstream LLM providers and stores credentials for all of them; an unauthenticated attacker could exfiltrate every API key/OAuth token the router holds in a single request, or overwrite the entire configuration database to redirect all AI traffic through attacker infrastructure — a supply-chain-level compromise of an AI gateway.
Unauthenticated GET/POST to /api/settings/database bypasses ALWAYS_PROTECTED check to export or overwrite the full application database including all stored LLM API credentials
9Router (npm) < 0.4.80
Upgrade to 9Router ≥0.4.80
GitHub Advisory / commit
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →