CVE-2026-49234

Published: Giu 08, 2026 Last Modified: Giu 08, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,2

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes.

This only affects users who allow API access from untrusted networks.

Improper Input Validation

Stable

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Confidentiality Integrity

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Memory Read Files Or Directories Modify Memory Execute Unauthorized Code Or Commands

Applicable Platforms

Technologies: AI/ML

Likelihood of Exploit: High

View CWE Details

https://www.nlnetlabs.nl/downloads/routinator/CVE-2026-4923…

https://www.nlnetlabs.nl/downloads/routinator/CVE-2026-49234.txt

CVE-2026-49234

Description

Improper Input Validation

Common Consequences

Applicable Platforms

Iscriviti alla newsletter