Lucene search
K

1662 matches found

Nuclei
Nuclei
added 18 hours ago12 views

FUXA <= 1.2.7 - Hardcoded JWT Secret Authentication Bypass

FUXA v1.2.7 contains a hardcoded credentials vulnerability caused by use of a hard-coded secret key in server/api/jwt-helper.js, letting remote attackers forge admin tokens and bypass authentication, exploit requires no special conditions. id: CVE-2025-69971 info: name: FUXA = 1.2.7 - Hardcoded J...

9.8CVSS6.1AI score0.02036EPSS
Exploits0References3
Nuclei
Nuclei
added 18 hours ago169 views

Cisco IOS XE WLC - Arbitrary File Upload

A vulnerability in the Out-of-Band Access Point AP Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.This vulnerability is due to the presence of a hard-coded JSON Web...

10CVSS7.1AI score0.17894EPSS
Exploits1References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-43228

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...

9.8CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43226

Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...

8.8CVSS6.2AI score
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-43219

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS6.6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57552

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description The enterprise passport authentication middleware in packages/server/src/enterprise/middleware/passport/index.ts uses weak hardcoded default secrets and values for audience and issuer. When the...

9.8CVSS6.1AI score
Exploits0References8
NVD
NVD
added 2 days ago5 views

CVE-2026-14262

The Simple JWT Login – Allows you to use JWT on REST endpoints. plugin for WordPress is vulnerable to Authentication Bypass to Privilege Escalation in all versions up to, and including, 3.6.6 via the payload parameter. The vulnerability exists because AuthenticateService::generatePayload only...

8.8CVSS0.00393EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-43145

The Simple JWT Login – Allows you to use JWT on REST endpoints. plugin for WordPress is vulnerable to Authentication Bypass to Privilege Escalation in all versions up to, and including, 3.6.6 via the payload parameter. The vulnerability exists because AuthenticateService::generatePayload only...

8.8CVSS6.1AI score0.00393EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-14262 Simple JWT Login <= 3.6.6 - Authenticated (Subscriber+) Authentication Bypass to Privilege Escalation via 'payload' Parameter

The Simple JWT Login – Allows you to use JWT on REST endpoints. plugin for WordPress is vulnerable to Authentication Bypass to Privilege Escalation in all versions up to, and including, 3.6.6 via the payload parameter. The vulnerability exists because AuthenticateService::generatePayload only...

8.8CVSS0.00393EPSS
Exploits0References6
CVE
CVE
added 2 days ago12 views

CVE-2026-14262

The CVE concerns the WordPress plugin Simple JWT Login . All versions up to and including 3.6.6 are vulnerable to Authentication Bypass to Privilege Escalation via the payload parameter. The flaw arises because AuthenticateService::generatePayload() only overwrites JWT payload keys listed in the ...

8.8CVSS6.1AI score0.00393EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago11 views

PT-2026-57390

Name of the Vulnerable Software and Affected Versions The Simple JWT Login – Allows you to use JWT on REST endpoints. versions prior to 3.6.7 Description An authentication bypass leading to privilege escalation exists due to improper handling of identity claims. The...

8.8CVSS6.1AI score0.00393EPSS
Exploits0References10
CVE
CVE
added 3 days ago10 views

CVE-2026-56665

ZITADEL's external JWT Identity Provider validation (internal/idp/providers/jwt/session.go) does not enforce expiration when an incoming token omits the exp claim, causing tokens from trusted issuers to be treated as valid without an automatic expiration window. Affected releases: 3.0.0-rc.1 thro...

4.2CVSS6.1AI score0.00167EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-56665 ZITADEL: Missing Token Expiration (`exp`) Validation in JWT IdP Provider

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL is an open source identity management platform. From 3.0.0-rc.1 through 3.4.11 and from 4.0.0-rc.1 through 4.15.1, ZITADEL's external JWT Identity Provider validation in internal/idp/providers/jwt/session....

4.2CVSS0.00167EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-42963

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL is an open source identity management platform. From 3.0.0-rc.1 through 3.4.11 and from 4.0.0-rc.1 through 4.15.1, ZITADEL's external JWT Identity Provider validation in internal/idp/providers/jwt/session....

4.2CVSS6.1AI score0.00167EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-56664 ZITADEL: Missing Token Lifecyle Validation (`exp` and `iat`) in JWT IdP Provider

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validation in internal/idp/providers/jwt/session.go skips the maximum token age freshness check when an incoming token omits the iat claim, allowing arbitrarily old tokens...

4.2CVSS0.00203EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-55669 ZITADEL: Missing Token Audience Validation (`aud`) in JWT IdP Provider

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...

4.2CVSS0.00112EPSS
Exploits0References3
NVD
NVD
added 4 days ago6 views

CVE-2026-55689

OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when authn.method was set to oidc, authn.oidc.issuer was configured, and authn.oidc.audience was not set, allowing a token minted for an unrelated...

6.8CVSS0.00298EPSS
Exploits0References5
CVE
CVE
added 4 days ago49 views

CVE-2026-55689

OpenFGA OpenID Connect authentication had a JWT audience validation bypass prior to 1.18.0 when authn.method=oidc, issuer configured, and authn.oidc.audience unset. This allowed a token minted for a different service by the same identity provider to authenticate to OpenFGA. The issue is fixed in ...

6.8CVSS6AI score0.00298EPSS
Exploits0References5
OSV
OSV
added 6 days ago4 views

PYSEC-2026-1203 Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

Summary Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving...

7.5CVSS7.2AI score0.00596EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/07/06 5:37 a.m.6 views

python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

7.4CVSS5.9AI score0.00394EPSS
Exploits1References5
Rows per page
Query Builder