Product
Multiple critical unauthenticated API vulnerabilities in 9Router versions up to 0.4.41 allow an attacker to perform full CRUD operations on provider connections, leak plaintext API keys, and access sensitive conversation history, posing risks of data exfiltration and denial of service.