CVE-2026-49352 - 9Router: Hardcoded Default fallback JWT Secret Allows Authentication Bypass
CVE ID :CVE-2026-49352 Published : July 15, 2026, 9:16 p.m. | 1 hour, 17 minutes ago Description :9Router is an AI router & token saver. From 0.2.21 until 0.4.44, 9Router used the hardcoded fallback JWT secret 9router-default-secret-change-me in src/app/api/auth/login/route.js,...