Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/04/07 5:3 p.m.4 views

CVE-2026-35039

fast-jwt provides fast JSON Web Token JWT implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification proce...

9.1CVSS5.9AI score0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/06 4:59 p.m.3 views

CVE-2026-35039 fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)

fast-jwt provides fast JSON Web Token JWT implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification proce...

9.1CVSS5.8AI score0.00212EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/03 4:7 a.m.7 views

03-api-solid (>=1.0.0 <=1.1.2), @aitech-asia/cms (>=0.0.1 <=2.0.35) +299 more potentially affected by CVE-2026-35039 via fast-jwt (>=0.1.1 <=6.0.1)

fast-jwt NPM version =0.1.1, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =1.1.1, =0.2.0, =0.2.0, =0.1.0, =1.0.6, =1.0.11, =1.9.4, =0.8.0, =0.1.1, =0.5.0, =0.7.0, =1.0.0-beta.0 and more Source cves: CVE-2026-35039 Source advisory: OSV:GHSA-RP9M-7R4C-75QG...

9.1CVSS5.7AI score0.00212EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/03 4:7 a.m.11 views

@jsprismarine/client (>=0.12.2-unstable-20250320195345 <=0.13.1-unstable-20250503082416), @jsprismarine/prismarine (>=0.12.2-unstable-20250320195345 <=0.13.1-unstable-20250503082416) +1 more potentially affected by CVE-2026-35039 via fast-jwt (>=6.0.0 <=6.0.1)

fast-jwt NPM version =6.0.0, =0.12.2-unstable-20250320195345, =0.12.2-unstable-20250320195345, =0.12.2-unstable-20250320195345, =0.13.1-unstable-20250503082416 Source cves: CVE-2026-35039 Source advisory: SNYK:JS-FASTJWT-15876720...

9.1CVSS5.4AI score0.00212EPSS
Exploits0
Rows per page
Query Builder