FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Routinator -- CWE-20 Improper Input Validation

Affected packages
routinator < 0.15.2

Details

VuXML ID 40edfb37-6a59-11f1-bf61-3c7c3fba4204
Discovery 2026-06-08
Entry 2026-06-17

https://www.nlnetlabs.nl/downloads/routinator/CVE-2026-49234.txt reports:

When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes. This only affects users who allow API access from untrusted networks.

Thanks to X41 D-Sec GmbH for reporting the vulnerability.

[source]

References

CVE Name CVE-2026-49234
URL https://cveawg.mitre.org/api/cve/CVE-2026-49234

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.