AI Router Vulnerability Exposes Internal HTTP Services via DNS Rebinding
CVE-2026-56676
7.4HIGH
What is CVE-2026-56676?
The 9Router AI router, specifically versions prior to 0.5.2, is susceptible to a DNS rebinding vulnerability where an authenticated attacker with access to the LLM proxy can exploit the image URL validation process. This flaw arises because the server-side image fetch mechanism resolves DNS queries separately, enabling attackers to redirect image requests from a public IP to internal addresses. As a result, this vulnerability facilitates unauthorized access to internal-only HTTP services, which poses a significant risk to network security. The issue has been addressed in version 0.5.2.
Affected Version(s)
9router < 0.5.2
