PT-2026-44138
Description OidcTokenHandler is Symfony's built-in access-token handler for OpenID Connect: it validates a bearer JWT and returns the authenticated user identity. It delegates claim validation to the web-token/jwt-checker library's ClaimCheckerManager. OidcTokenHandler::verifyClaims registers...
CVE-2026-24899 Fleet Windows MDM Azure AD JWT Authentication Bypass
Fleet is open source device management software. Prior to version 4.82.0, a vulnerability in Fleet's Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. Because Fleet validates JWT signatures using Microsoft's multi-tenant JWKS endpoint but does not...
CVE-2026-30223
OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" local RSA public key or "authJwtHmacSecret" HMAC secret, the configured audience value authJwtAud is not enforced during toke...
CVE-2026-30223
CVE-2026-30223 (OliveTin) : A JWT audience check bypass exists prior to OliveTin v3000.11.1 when authJwtPubKeyPath or authJwtHmacSecret are configured. The configured audience (authJwtAud) is not enforced during token parsing, allowing signed tokens with an incorrect aud claim to be accepted for ...
OliveTin data forgery vulnerability
OliveTin is an open-source web application developed by OliveTin. Versions of OliveTin prior to 3.00.11.1 had a data manipulation vulnerability. This vulnerability stemmed from the lack of enforcing the audience value during JWT authentication configuration, which could lead to authentication usi...
Azure Linux 3.0 Security Update: dcos-cli (CVE-2020-26160)
The version of dcos-cli installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-26160 advisory. - jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with...
CVE-2025-9803
lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper authentication in the Google OAuth integration. The application fails to verify the 'aud' audience field in the access token issued by Google, which is crucial for ensuring the token is intended for the...
PT-2025-47979
Name of the Vulnerable Software and Affected Versions lunary-ai/lunary versions prior to 1.9.35 Description The application is susceptible to account takeover due to flawed authentication within the Google OAuth integration. Specifically, the application does not validate the aud audience field...
CVE-2025-62610 Hono Improperly Authorizes JWT Audience Validation
Hono is a Web application framework that provides support for any JavaScript runtime. In versions from 1.1.0 to before 4.10.2, Hono’s JWT Auth Middleware does not provide a built-in aud Audience verification option, which can cause confused-deputy / token-mix-up issues: an API may accept a valid...
EUVD-2021-1212
Malware in sbrugna...
EUVD-2019-2061
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-26160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification)...
SUSE CVE-2020-26160
jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lac...
Authorization bypass in github.com/dgrijalva/jwt-go
jwt-go allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience...
CVE-2020-26160
jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lac...