424 matches found
EUVD-2026-42625
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0 with Redis configured, Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message authentication used decodetoken without the Redis-backed...
PT-2026-56884
Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.9.0 through 0.9.x Description When Redis is configured, the authentication process for Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message uses the decode token function withou...
PYSEC-2026-1192 arcade-mcp-server Has Default Hardcoded Worker Secret That Allows Full Unauthorized Access to All HTTP MCP Worker Endpoints
Summary The arcade-mcp HTTP server uses a hardcoded default worker secret "dev" that is never validated or overridden during normal server startup. As a result, any unauthenticated attacker who knows this default key can forge valid JWTs and fully bypass the FastAPI authentication layer. This...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CVE-2026-53928 NocoDB: Refresh Tokens Persist Through Password Recovery
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. passwordChange and passwordReset deleted the user's refresh tokens, but passwordForg...
SUSE-SU-2026:22170-1 Security update for python-PyJWT
This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. - CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are...
NocoDB: Refresh Tokens Persist Through Password Recovery
Summary A stolen refresh token survived a password-forgot flow and could be used to mint fresh JWTs even after the user reset their password. Details passwordChange and passwordReset deleted the user's refresh tokens, but passwordForgot only rotated tokenversion and revoked OAuth tokens — it did...
RLSA-2026:26206 Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Token...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
fence-agents security update
An update is available for fence-agents. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling...
ALSA-2026:26206 Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Token...
RockyLinux 10 : fence-agents (RLSA-2026:25902)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25902 advisory. python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens CVE-2026-48526 Tenable has extracted the preceding description block directly from the...
EUVD-2026-32917
PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed...
CVE-2026-53470
A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the /api/v1/sources/id/image-url endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance OVA images...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the authentication process. An attacker can gain unauthorized access to protected API endpoints, including those with administrative privileges, by forging valid JWT tokens using a publicly known secret...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the authentication process. An attacker can gain unauthorized access to protected API endpoints, including those with administrative privileges, by forging valid JWT tokens using a publicly known secret...
PT-2026-48444
Name of the Vulnerable Software and Affected Versions migration-planner affected versions not specified Description An improper access control flaw exists in the '/api/v1/sources/id/image-url' endpoint. An authenticated attacker can bypass ownership checks to obtain presigned S3 URLs for Open...
PT-2026-48445
Name of the Vulnerable Software and Affected Versions migration-planner affected versions not specified Description The agent-API middleware processes JSON Web Tokens JWTs for authentication, but the UpdateSourceInventory and UpdateAgentStatus handlers do not validate the source id claim within t...
CVE-2026-46395
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the hmacBase64 function in the HAXcms Node.js backend contains two critical cryptographic implementation errors that together allow any unauthenticated attacker to extract the system’s private signing ke...