Linux Distros Unpatched Vulnerability : CVE-2026-32597

🗓️ 13 Mar 2026 00:00:00Reported by TenableType

Linux or Unix host uses PyJWT before version two point twelve zero with an unvalidated critical header parameter in tokens.

Reporter	Title	Published	Views	Family All 160
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem	9 Apr 202610:57	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem	23 Mar 202615:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Edge Data Collector uses PyJWT-2.10.1-py3-none-any.whl, pyjwt-2.11.0-py3-none-any.whl which is vulnerable to CVE-2026-32597.	4 May 202614:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pyjwt-2.11.0-py3-none-any.whl	29 Apr 202617:40	–	ibm
IBM Security Bulletins	Security Bulletin: PyJWT Fails to Validate Critical (crit) Header Parameter, Allowing Token Acceptance	4 May 202612:30	–	ibm
ATTACKERKB	CVE-2026-32597	12 Mar 202621:41	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : python3-jwt, python3-jwt+crypto (ALAS2023-2026-1519)	2 Apr 202600:00	–	nessus
Tenable Nessus	AlmaLinux 8 : fence-agents (ALSA-2026:12176)	30 Apr 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : fence-agents (ALSA-2026:13916)	6 May 202600:00	–	nessus
Tenable Nessus	Debian dla-4564 : python3-jwt - security update	5 May 202600:00	–	nessus

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2026-32597
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(302069);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/06");

  script_cve_id("CVE-2026-32597");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2026-32597");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit
    (Critical) Header Parameter defined in RFC 7515 4.1.11. When a JWS token contains a crit array listing
    extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This
    violates the MUST requirement in the RFC. This vulnerability is fixed in 2.12.0. (CVE-2026-32597)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2026-32597");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-32597");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/03/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:pyjwt");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Debian Linux-12", "Host/OS/Debian Linux-13");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "python3-jwt"}
        ]
      }
    ]
  },
  "Debian Linux-13": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "13",
        "pkgs": [
          {"reference": "python-jwt-doc"},
          {"reference": "python3-jwt"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

06 May 2026 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5

EPSS0.00014

SSVC