9 matches found
CVE-2026-9495
Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...
CVE-2026-9495
CVE-2026-9495 affects the npm package @koa/router, specifically versions 14.0.0 and earlier than 15.0.0. The issue is an Access Control Bypass caused by middleware being silently dropped from the execution chain when the router prefix contains path parameters. This can enable bypass of authentica...
CVE-2026-9495
Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...
EUVD-2026-31792
Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...
CVE-2026-9495
Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...
CVE-2026-9495
Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...
@koa/router 安全漏洞
@koa/router is a routing middleware developed by Koa.js. Versions from 14.0.0 to 15.0.0 of @koa/router had a security vulnerability. This vulnerability occurred when the router prefix contained path parameters, causing the middleware to silently discard requests, which could lead to access contro...
PT-2026-43190
Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...
Access Control Bypass
Overview @koa/router is a Affected versions of this package are vulnerable to Access Control Bypass. due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an attacker...