CVE-2026-62312 - 9Router: Authenticated RCE via Unvalidated MCP Plugin Arguments
CVE ID :CVE-2026-62312 Published : July 15, 2026, 9:16 p.m. | 1 hour, 17 minutes ago Description :9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote authenticated attacker to achieve arbitrary code execution on the host operating system by combining a Host header...