CVE Catalog
CVE-2026-49234
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.06%
20th percentile - higher than 20% of all known CVEs
Summary
CVE-2026-49234 vulnerability causes Routinator to crash when a specifically crafted non-UTF-8 string is sent as the select-asn query parameter to the /api/v1/origins endpoint.
Risk Assessment
The risk affects users who allow API access from untrusted networks, potentially leading to service downtime.
Recommendation
It is recommended to restrict API access to trusted networks only and to monitor logs for potential exploitation attempts.
Original NVD description (English source)
When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes. This only affects users who allow API access from untrusted networks.

