A vulnerability was found in decolua 9router up to 0.4.0 . It has been classified as critical . This issue affects the function isAuthenticated of the file src/dashboardGuard.js of the component HTTP Header Handler . The manipulation of the argument Host leads to improper authorization. This vulnerability is uniquely identified as CVE-2026-10269 . The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.