4 matches found
PT-2026-52592
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A JWT algorithm confusion flaw exists in the JWT Authorization Grant flow. An attacker possessing valid client credentials can bypass signature verification by forging an assertion. This...
CVE-2026-33322
MinIO is a high-performance object storage system. From RELEASE.2022-11-08T05-27-07Z to before RELEASE.2026-03-17T21-25-16Z, a JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the OIDC ClientSecret to forge arbitrary identity tokens and...
CVE-2026-33322 MinIO: JWT Algorithm Confusion in OIDC Authentication
MinIO is a high-performance object storage system. From RELEASE.2022-11-08T05-27-07Z to before RELEASE.2026-03-17T21-25-16Z, a JWT algorithm confusion vulnerability in MinIO's OpenID Connect authentication allows an attacker who knows the OIDC ClientSecret to forge arbitrary identity tokens and...
Plasma
Plasma !Pythonhttps://img.shields.io/badge/python-3.10%2B-...