Lucene search
K

126 matches found

CVE
CVE
added 2026/03/16 5:34 p.m.122 views

CVE-2026-27962

Authlib JWS JWK Header Injection (CVE-2026-27962) is detailed in GHSA-wvwj-cvrp-7pv5: when key=None is passed to JWS deserialization, or a key resolver returns None, the library silently uses the attacker-supplied header.jwk as the verification key, allowing forgeable tokens and bypass of authent...

9.1CVSS5.9AI score0.00548EPSS
Exploits1References10Affected Software1
EUVD
EUVD
added 2026/03/16 3:17 p.m.4 views

EUVD-2026-12478

Authlib JWS JWK Header Injection: Signature Verification Bypass...

9.1CVSS5.8AI score0.00548EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/13 8:3 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.3 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.3 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:3 p.m.10 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...

9.3CVSS5.9AI score0.00258EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.7 views

centrifugo 代码问题漏洞

Centrifugo is a real-time message pushing server open-sourced by Centrifugal Labs. Versions of Centrifugo prior to 6.7.0 had code vulnerabilities. These vulnerabilities stemmed from improper configuration of dynamic JWKS endpoint URLs, which could allow unauthenticated attackers to forge...

9.3CVSS6.5AI score0.00258EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/12 9:19 p.m.1 views

CVE-2026-32301 Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL

Centrifugo is an open-source scalable real-time messaging server. Prior to 6.7.0, Centrifugo is vulnerable to Server-Side Request Forgery SSRF when configured with a dynamic JWKS endpoint URL using template variables e.g. tenant. An unauthenticated attacker can craft a JWT with a malicious iss or...

9.3CVSS5.8AI score0.00258EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/03/12 8:52 a.m.6 views

SUSE CVE-2026-31837

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/11 7:36 p.m.31 views

CVE-2026-27478 Unity Catalog has a JWT Issuer Validation Bypass Allows Complete User Impersonation

Unity Catalog is an open, multi-modal Catalog for data and AI. In 0.4.0 and earlier, a critical authentication bypass vulnerability exists in the Unity Catalog token exchange endpoint /api/1.0/unity-control/auth/tokens. The endpoint extracts the issuer iss claim from incoming JWTs and uses it to...

9.1CVSS0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/11 5:25 p.m.5 views

CVE-2026-31837

A flaw was found in Istio. A user of Istio could be impacted if the JSON Web Key Set JWKS resolver becomes unavailable or fails to fetch keys. This vulnerability can lead to the exposure of hardcoded default settings, potentially bypassing authentication mechanisms and allowing unauthorized acces...

8.7CVSS5.7AI score0.00378EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/11 12:37 a.m.4 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/11 12:37 a.m.3 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.15 views

PT-2026-24800

Name of the Vulnerable Software and Affected Versions Unity Catalog versions 0.4.0 and earlier Description Unity Catalog is an open, multi-modal Catalog for data and AI. A critical authentication bypass exists in the Unity Catalog token exchange endpoint, /api/1.0/unity-control/auth/tokens. The...

9.1CVSS5.8AI score0.00183EPSS
Exploits0References14
NVD
NVD
added 2026/03/10 10:16 p.m.7 views

CVE-2026-31837

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

8.7CVSS0.00378EPSS
Exploits0References8
Rows per page
Query Builder