CVE-2026-49234

HIGH(7.5)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Risk Signal Score24/100 — NIEDRIG

CVSS 7.5 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

7.5

Technische Schwere

Beschreibung

When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes. This only affects users who allow API access from untrusted networks.

GitHub Advisories

GHSA-gc6q-cwcj-3vh9HIGH

Routinator crashes when sending a maliciously crafted select-asn query parameter

rust/routinator→ 0.15.2

GitHub Advisory

Referenzen

https://www.nlnetlabs.nl/downloads/routinator/CVE-2026-49234.txt