CVE-2026-1237
Summary: CVE-2026-1237 describes a vulnerability in Juju where broken cross-model authorization allows a charm to retain access after permissions are revoked or expired by minting an invalid macaroon that the controller erroneously accepts. The root cause is that the Juju controller may fail to v...