4 matches found
CVE-2026-35039
fast-jwt provides fast JSON Web Token JWT implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification proce...
CVE-2026-35039 fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)
fast-jwt provides fast JSON Web Token JWT implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification proce...
03-api-solid (>=1.0.0 <=1.1.2), @aitech-asia/cms (>=0.0.1 <=2.0.35) +299 more potentially affected by CVE-2026-35039 via fast-jwt (>=0.1.1 <=6.0.1)
fast-jwt NPM version =0.1.1, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =1.1.1, =0.2.0, =0.2.0, =0.1.0, =1.0.6, =1.0.11, =1.9.4, =0.8.0, =0.1.1, =0.5.0, =0.7.0, =1.0.0-beta.0 and more Source cves: CVE-2026-35039 Source advisory: OSV:GHSA-RP9M-7R4C-75QG...
@jsprismarine/client (>=0.12.2-unstable-20250320195345 <=0.13.1-unstable-20250503082416), @jsprismarine/prismarine (>=0.12.2-unstable-20250320195345 <=0.13.1-unstable-20250503082416) +1 more potentially affected by CVE-2026-35039 via fast-jwt (>=6.0.0 <=6.0.1)
fast-jwt NPM version =6.0.0, =0.12.2-unstable-20250320195345, =0.12.2-unstable-20250320195345, =0.12.2-unstable-20250320195345, =0.13.1-unstable-20250503082416 Source cves: CVE-2026-35039 Source advisory: SNYK:JS-FASTJWT-15876720...