A vulnerability was found in koa router 14.x . It has been rated as critical . The impacted element is an unknown function. The manipulation leads to improper access controls. This vulnerability is listed as CVE-2026-9495 . The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is advised.