79 matches found
CVE-2026-55954
Authentication Bypass by Spoofing vulnerability in ueberauth ueberauthapple allows account takeover via unvalidated ID token claims. The Ueberauth.Strategy.Apple.Token.payload/2 function verifies the JWT signature of the callback idtoken against Apple's JWKS but does not validate any registered...
CVE-2026-55954
CVE-2026-55954 affects ueberauth_apple (v0.1.0 up to but not including v0.6.2). The root cause is lack of validation for registered ID token claims (iss, aud, exp, iat) in Ueberauth.Strategy.Apple.Token.payload/2; the code uses the unvalidated sub to derive the user uid and email. An attacker who...
CVE-2026-55669
ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...
CVE-2026-55669 ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider
ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...
CVE-2026-55669
CVE-2026-55669 affects ZITADEL: the external JWT Identity Provider failed to validate the audience (aud) claim, accepting a token signed for a different relying party. The issue, affecting ZITADEL’s JWT IdP implementation, is mitigated by requiring audience validation and is fixed in versions 3.4...
CVE-2026-55669 ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider
ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...
CVE-2026-55689
OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, when OpenFGA is configured to use OIDC authentication authn.method=oidc, authn.oidc.issuer set but authn.oidc.audience is left unset, the JWT audience claim on incoming bearer tokens is not validated. As a result...
Linux Distros Unpatched Vulnerability : CVE-2026-55689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when...
CVE-2026-55689
OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when authn.method was set to oidc, authn.oidc.issuer was configured, and authn.oidc.audience was not set, allowing a token minted for an unrelated...
CVE-2026-55689 OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset
OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when authn.method was set to oidc, authn.oidc.issuer was configured, and authn.oidc.audience was not set, allowing a token minted for an unrelated...
CVE-2026-55689 OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset
OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when authn.method was set to oidc, authn.oidc.issuer was configured, and authn.oidc.audience was not set, allowing a token minted for an unrelated...
CVE-2026-55689
OpenFGA’s OIDC authentication could accept tokens from the same identity provider for a different application when authn.method=oidc and authn.oidc.issuer is configured but authn.oidc.audience is unset (pre-1.18.0). This allowed unauthorized authentication to OpenFGA. The issue is fixed in OpenFG...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.18.1.P1 for Spring Boot release.
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
GO-2026-5423 OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset in github.com/openfga/openfga
OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset in github.com/openfga/openfga...
GO-2026-5391 ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider in github.com/zitadel/zitadel
ZITADEL: Missing Token Audience Validation aud in JWT IdP Provider in github.com/zitadel/zitadel...
CVE-2026-55759
Rocket.Chat Apple Sign-In had a JWT claims validation bypass prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13. Any Apple-signed JWT with a non-empty iss could be accepted regardless of aud, exp, nbf, or nonce, enabling replay authentication if an attacker obtains a user’s identity t...
GHSA-HCXC-WF8J-23HV OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset
Description OpenFGA's OIDC authenticator skipped JWT audience aud validation when no audience was configured. In deployments where one identity provider issues tokens for multiple services, a token minted for an unrelated service could authenticate to OpenFGA. Preconditions This applies if the...
OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset
Description OpenFGA's OIDC authenticator skipped JWT audience aud validation when no audience was configured. In deployments where one identity provider issues tokens for multiple services, a token minted for an unrelated service could authenticate to OpenFGA. Preconditions This applies if the...
PT-2026-50974
Name of the Vulnerable Software and Affected Versions OpenFGA versions prior to 1.18.0 Description The OIDC authenticator fails to validate the JWT audience aud claim when no audience is configured. In environments where a single identity provider issues tokens for multiple services, a token...
GHSA-G5H5-M4HM-XJRR ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider
Summary An authentication bypass vulnerability was discovered in ZITADEL's external JWT Identity Provider IdP implementation. When validating JSON Web Tokens JWTs from an external provider, ZITADEL properly checks the token's cryptographic signature and issuer iss, but it fails to validate the...