Lucene search
K

3120 matches found

Nuclei
Nuclei
added 8 hours ago37 views

DataEase < 2.10.10 - JWT Authentication Bypass

DataEase 2.10.10 contains a broken authentication caused by ineffective secret verification, letting users forge JWT tokens, exploit requires no special privileges. id: CVE-2025-49001 info: name: DataEase 2.10.10 - JWT Authentication Bypass author: YunSeoJo,aryu-ru severity: critical description:...

9.8CVSS6.1AI score0.20154EPSS
Exploits0References3
Nuclei
Nuclei
added 8 hours ago82 views

DataEase v2.10.2 - JWT Signature Verification Bypass

DataEase is an open source data visualization analysis tool that helps users quickly analyze data and gain insights into business trends. In affected versions, the lack of signature verification of JWT tokens allows attackers to forge JWTs, which then allow access to any interface. The...

9.3CVSS6.1AI score0.01223EPSS
Exploits1References1
Nuclei
Nuclei
added 8 hours ago70 views

D-Link D-View 8 v2.0.1.28 - Authentication Bypass

Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28 id: CVE-2023-5074 info: name: D-Link D-View 8 v2.0.1.28 - Authentication Bypass author: DhiyaneshDK severity: critical description: | Use of a static key t...

9.8CVSS6.8AI score0.67914EPSS
Exploits1References4
Nuclei
Nuclei
added 8 hours ago102 views

CasaOS < 0.4.4 - Authentication Bypass via Internal IP

CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as root on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in 391dd7f. This patch is part of CasaOS...

9.8CVSS7.3AI score0.06363EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago74 views

CasaOS < 0.4.4 - Authentication Bypass via Random JWT Token

CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as root on CasaOS instances. This problem was addressed by improving the validation of JWTs in commit 705bf1f...

9.8CVSS7.3AI score0.05871EPSS
Exploits1References2
Nuclei
Nuclei
added 8 hours ago95 views

Apache ShenYu Admin JWT - Authentication Bypass

Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. id: CVE-2021-37580 info: name: Apache ShenYu Admin JWT - Authentication Bypass author: pdteam severity: critical descriptio...

9.8CVSS7AI score0.40058EPSS
Exploits2References5
Nuclei
Nuclei
added 8 hours ago291 views

OpenMetadata - Authentication Bypass

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The JwtFilter handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request...

9.8CVSS7.1AI score0.73255EPSS
Exploits5References5
Nuclei
Nuclei
added 8 hours ago102 views

Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation CNCF as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to...

9.8CVSS6AI score0.33618EPSS
Exploits1References4
CVE
CVE
added yesterday10 views

CVE-2026-15497

Affected software / component: SonicCloudOrg sonic-agent (up to 2.7.2), specifically the JWT Authentication Filter in the ExchangeController.java path. Vulnerability: code injection vulnerability reported as enabling a remote attacker to manipulate code execution. Impact (per docs): remote exploi...

7.5CVSS6.6AI score
Exploits0References5
NVD
NVD
added 3 days ago6 views

CVE-2026-56664

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validation in internal/idp/providers/jwt/session.go skips the maximum token age freshness check when an incoming token omits the iat claim, allowing arbitrarily old tokens...

4.2CVSS0.00203EPSS
Exploits0References5
CVE
CVE
added 3 days ago9 views

CVE-2026-56664

ZITADEL’s external JWT Identity Provider validation (internal/idp/providers/jwt/session.go) did not enforce maximum token age (missing iat) in tokens, allowing arbitrarily old tokens from a trusted issuer to pass authentication. Affected: ZITADEL core platform; vulnerable code path in the JWT IdP...

4.2CVSS6.1AI score0.00203EPSS
Exploits0References5
NVD
NVD
added 3 days ago6 views

CVE-2026-55669

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validates a token's signature and issuer iss but not the audience aud claim, allowing a validly signed token from a trusted issuer for another relying party to be accepted ...

4.2CVSS0.00112EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago6 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.18.1.P1 for Spring Boot release.

Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.4AI score0.00969EPSS
Exploits6References33
RedHat Linux
RedHat Linux
added 2026/07/06 3:54 a.m.9 views

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

7.4CVSS6AI score0.00394EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.10 views

Keycloak < 26.6.4 Multiple Vulnerabilities

The version of Keycloak installed on the remote host is prior to 26.6.4. It is, therefore, affected by multiple vulnerabilities, including the following: - A user with group-admin privileges can escalate to realm-admin, gaining full administrative control over the realm. CVE-2026-9099 - An...

8.1CVSS6.1AI score0.00519EPSS
Exploits0References9
OSV
OSV
added 2026/07/02 5:15 p.m.4 views

GHSA-G3XR-5W5J-W4Q4 Contour has Improper JWT Verification for Non-SNI Requests on Virtual Hosts with Fallback Certificate Enabled

Impact When an HTTPProxy is configured with incompatible combination of both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders, Contour does not reject the configuration. Consequently, requests from clients that do not send TLS SNI or send an unrecognized SN...

6.5CVSS5.8AI score0.00023EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 11:16 a.m.11 views

CVE-2026-54430

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

5.1CVSS0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/07/02 10:16 a.m.7 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS0.00321EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.6 views

PT-2026-55460

Name of the Vulnerable Software and Affected Versions Contour versions prior to 1.33.5 Description An issue exists when an HTTPProxy is configured with both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders. In this scenario, the system fails to reject the...

6.5CVSS6AI score0.00023EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-479 praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset

Summary Type: Insecure default cryptographic key. The JWT signing secret defaults to the hardcoded literal "dev-secret-change-me" when PLATFORMJWTSECRET is unset. A safety check exists but only fires when PLATFORMENV != "dev"; the default value of PLATFORMENV is "dev", so the check is silently...

9.8CVSS5.9AI score0.00054EPSS
Exploits0References5
Rows per page
Query Builder