CVE-2026-62312 | decolua 9router up to 0.5.1 child_process /api/mcp child_process.spawn os command injection

SecurityVulns

A vulnerability was found in decolua 9router up to 0.5.1. It has been rated as very critical. This impacts the function child_process.spawn of the file /api/mcp of the component child_process. The manipulation leads to os command injection.

This vulnerability is documented as CVE-2026-62312. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More