[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":36,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":43,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":49,"vulnerability-29447":56},[4,15,21,27],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper","PoC details now live: 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",true,[11],"/exploit-helpers/sniper","See the details","secondary","phpbb-authentication-bypass",{"title":16,"slug":17,"text":7,"link":8,"external":9,"targets":18,"cta":20,"variant":13,"campaign_id":14},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve",[19],"/vulnerabilities-exploits","Read the research",{"title":22,"slug":23,"text":24,"link":8,"external":9,"targets":25,"cta":26,"variant":13,"campaign_id":14},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","The Network Scanner detects 2 new phpBB CVEs our research team found",[19],"See the PoC details",{"title":28,"slug":29,"text":30,"link":31,"external":9,"targets":32,"cta":34,"variant":35,"campaign_id":29},"Office Hours #7 - Emergency CVE response","office-hours-7","Free live Office Hours, Wed Jul 15. Emergency CVE response","https://zoom.us/webinar/register/5117815316917/WN_O1WFe8opSDeTB4KAOTYMcA",[33],"/","Save your spot","primary",["Island",37],{"key":38,"params":39,"result":41},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":40},"{}",{"head":42},{},["Island",44],{"key":45,"params":46,"result":47},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":40},{"head":48},{},["Island",50],{"key":51,"params":52,"result":54},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":53},"{\"text-color\":\"gray\"}",{"head":55},{},{"id":57,"detectable_with":58,"vuln_details":65,"vuln_id":81,"name":82,"published":83,"updated":66},29447,{"tool":59,"engine":62},{"id":60,"name":61},1,"Network Scanner",{"id":63,"name":64},2,"Nuclei",{"id":57,"codename":66,"description":66,"severity":67,"risk_description":68,"public_description":69,"public_recommendation":70,"recommendation":66,"references":71,"cvssv3":74,"epss_score":75,"epss_percentile":76,"cve":77,"in_cisa_catalog":79,"date":80,"software_type":66,"vendor":66,"product":66,"ptt_exploit_capabilities":66},null,"critical","Remote attackers can expose credentials, redirect traffic, or cause denial of service by deleting provider connections.","9Router through version 0.4.41 contains an unauthenticated access vulnerability caused by missing authentication middleware in Next.js API routes under src/app/api/providers/*, letting remote attackers enumerate, create, modify, or delete provider connections, exploit requires no authentication.","Update to the latest version that includes authentication middleware for API routes.",[72,73],"https://github.com/decolua/9router/security/advisories/GHSA-vjc7-jrh9-9j86","https://nvd.nist.gov/vuln/detail/CVE-2026-59801",9.8,0.00521,0.40708,[78],"CVE-2026-59801",false,"2026-07-13T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-59801","9Router - Unauthenticated LLM Provider API Exposure","2026-07-15T00:00:00Z"]