7 matches found

Github Security Blog
added 2026/01/29 3:21 p.m. | 9 views

Juju has broken CMR authorization

Impact: Cross-model Relation authorization is broken and has a potential security vulnerability. If the controller does not have the root key to verify the macaroon or if the macaroon has expired, an unvalidated and therefore untrusted macaroon is used to extract declared caveats. Facts from these...

CVSS 2.1 | AI score 5.9 | EPSS 0.00012
Exploits 0 | References 4 | Affected Software 1
EUVD
added 2026/01/29 3:21 p.m. | 2 views

EUVD-2026-4900

Juju has broken CMR authorization...

CVSS 2.1 | AI score 5.9 | EPSS 0.00012
Exploits 0 | References 3
NVD
added 2026/01/28 3:16 p.m. | 4 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1 | EPSS 0.00012
Exploits 0 | References 1
UbuntuCve
added 2026/01/28 3:16 p.m. | 3 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1 | AI score 5.9 | EPSS 0.00012
Exploits 0 | References 2
Vulnrichment
added 2026/01/28 3:1 p.m. | 3 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1 | AI score 5.9 | EPSS 0.00012
Exploits 0 | References 1
ATTACKERKB
added 2026/01/28 3:1 p.m. | 4 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1 | AI score 5.9 | EPSS 0.00012
Exploits 0 | References 2
Positive Technologies
added 2026/01/28 12:0 a.m. | 4 views

PT-2026-5129

Name of the Vulnerable Software and Affected Versions: juju (affected versions not specified). Description: A flaw exists in juju related to cross-model authorization. If permissions for a charm in a cross-model relation are revoked or expire, a malicious user capable of updating database records can...

CVSS 2.1 | AI score 5.8 | EPSS 0.00012
Exploits 0 | References 10