[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":36,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":43,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":49,"vulnerability-29448":56},[4,15,21,27],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper","PoC details now live: 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",true,[11],"/exploit-helpers/sniper","See the details","secondary","phpbb-authentication-bypass",{"title":16,"slug":17,"text":7,"link":8,"external":9,"targets":18,"cta":20,"variant":13,"campaign_id":14},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve",[19],"/vulnerabilities-exploits","Read the research",{"title":22,"slug":23,"text":24,"link":8,"external":9,"targets":25,"cta":26,"variant":13,"campaign_id":14},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","The Network Scanner detects 2 new phpBB CVEs our research team found",[19],"See the PoC details",{"title":28,"slug":29,"text":30,"link":31,"external":9,"targets":32,"cta":34,"variant":35,"campaign_id":29},"Office Hours #7 - Emergency CVE response","office-hours-7","Free live Office Hours, Wed Jul 15. Emergency CVE response","https://zoom.us/webinar/register/5117815316917/WN_O1WFe8opSDeTB4KAOTYMcA",[33],"/","Save your spot","primary",["Island",37],{"key":38,"params":39,"result":41},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":40},"{}",{"head":42},{},["Island",44],{"key":45,"params":46,"result":47},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":40},{"head":48},{},["Island",50],{"key":51,"params":52,"result":54},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":53},"{\"text-color\":\"gray\"}",{"head":55},{},{"id":57,"detectable_with":58,"vuln_details":65,"vuln_id":80,"name":81,"published":82,"updated":66},29448,{"tool":59,"engine":62},{"id":60,"name":61},1,"Network Scanner",{"id":63,"name":64},2,"Nuclei",{"id":57,"codename":66,"description":66,"severity":67,"risk_description":68,"public_description":69,"public_recommendation":70,"recommendation":66,"references":71,"cvssv3":74,"epss_score":75,"epss_percentile":76,"cve":77,"in_cisa_catalog":79,"date":66,"software_type":66,"vendor":66,"product":66,"ptt_exploit_capabilities":66},null,"critical","The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.","9Router \u003C= 0.4.36 middleware only guards 8 explicitly listed routes, leaving /api/cli-tools/* and /api/mcp/* entirely unauthenticated. An attacker can POST to /api/cli-tools/cowork-settings to register a custom MCP plugin with attacker-controlled command and args stored verbatim into globalThis, then GET /api/mcp/{name}/sse to trigger spawn() with the stored command resulting in unauthenticated remote code execution.","Upgrade to 9Router 0.4.37 or later.",[72,73],"https://github.com/decolua/9router/security/advisories/GHSA-fhh6-4qxv-rpqj","https://nvd.nist.gov/vuln/detail/CVE-2026-46339",10,0.00147,0.35168,[78],"CVE-2026-46339",false,"NETSCAN-NUCLEI-CVE-CVE-2026-46339","9Router \u003C= 0.4.36 - Unauthenticated RCE","2026-07-15T00:00:00Z"]