3 matches found
CVE-2026-36721
A lack of cryptographic signature verification in the validateAccessToken function of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token...
CVE-2026-45156 Nextcloud: Authentication Bypass in ID4me handling via Missing JWT Signature Verification in User OIDC
Nextcloud is an open source content collaboration platform. From versions 0.3.0 to before 3.1.0, 5.0.0 to before 5.1.0, and 6.0.0 to before 6.4.0, a missing signature verification in User OIDC allowed a malicious ID4me authority to identify as any user. This issue has been patched in versions...
CVE-2026-33746
Convoy (KVM server management panel) is vulnerable in versions 3.9.0-beta through