Lucene search
K

177 matches found

Nuclei
Nuclei
added 16 hours ago26 views

DataEase < 2.10.10 - JWT Authentication Bypass

DataEase 2.10.10 contains a broken authentication caused by ineffective secret verification, letting users forge JWT tokens, exploit requires no special privileges. id: CVE-2025-49001 info: name: DataEase 2.10.10 - JWT Authentication Bypass author: YunSeoJo,aryu-ru severity: critical description:...

9.8CVSS5.9AI score0.19386EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/02 10:3 p.m.17 views

CVE-2026-49298

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

8.8CVSS5.8AI score0.00488EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 9:16 a.m.11 views

PYSEC-2026-187

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

6.5CVSS5.9AI score0.00667EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/01 7:35 a.m.9 views

CVE-2026-48726 Apache Airflow: revoke_token() unreachable in FabAuthManager / KeycloakAuthManager logout path

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

5.9AI score0.00368EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:35 a.m.11 views

CVE-2026-48726

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

9.1CVSS5.9AI score0.00667EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/01 7:35 a.m.14 views

EUVD-2026-33581

A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for FabAuthManager and KeycloakAuthManager did not actually reach the underlying revoketoken call, so the JWT remained accepted by the API server...

9.1CVSS5.9AI score0.00667EPSS
Exploits0References3
CVE
CVE
added 2026/06/01 7:35 a.m.26 views

CVE-2026-48726

CVE-2026-48726 describes a bug in Apache Airflow where the logout flow for FabAuthManager and KeycloakAuthManager does not reach revoke_token(), leaving previously issued JWTs valid until expiry. This creates a residual gap after CVE-2025-57735 where cookie-side invalidation was addressed but pro...

6.5CVSS5.9AI score0.00368EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/01 7:34 a.m.33 views

CVE-2026-49298 Apache Airflow: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

0.00488EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 7:34 a.m.9 views

CVE-2026-49298 Apache Airflow: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

5.8AI score0.00488EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:34 a.m.8 views

CVE-2026-49298

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

8.7CVSS5.8AI score0.00488EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45384

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description A bug in the KubernetesExecutor causes JSON Web Tokens JWT, used by worker pods to authenticate against the Execution API, to be passed to the worker container as command-line arguments. These...

8.8CVSS5.5AI score0.00488EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Portainer 安全漏洞

Portainer is a lightweight user management interface developed by Portainer, open source, for managing Docker environments and Docker hosts. There were security vulnerabilities in versions of Portainer from 2.33.0 to 2.33.8, as well as in versions before 2.39.2 and 2.41.0. These vulnerabilities...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-42001

Name of the Vulnerable Software and Affected Versions Apache Airflow affected versions not specified Description JWT tokens used by workers in Kubernetes Executors are exposed to users with read-only access to Kubernetes Pods. This exposure allows users with limited permissions to perform actions...

8.7CVSS5.8AI score0.00156EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.50 views

CVE-2024-46508

yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed by setting YETIAUTHSECRETKEY to a value other than SECRET...

0.00429EPSS
Exploits3References1
Snyk
Snyk
added 2026/03/07 6:44 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the AuthorizeHost middleware due to incorrect validation of host JWT tokens. An attacker can gain unauthorized access to, modify, or delete resources belonging to other hosts by crafting requests that include ...

8.6CVSS7.2AI score0.00366EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.6 views

PT-2026-5979

Name of the Vulnerable Software and Affected Versions FUXA version 1.2.7 Description The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication, potentially gaining full administrative access. The...

9.8CVSS5.5AI score0.02036EPSS
Exploits0References8
OSV
OSV
added 2025/11/18 6:26 p.m.12 views

GHSA-FRFH-8V73-GJG4 joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads

Summary The ExceededSizeError exception messages are embedded with non-decoded JWT token parts and may cause Python logging to record an arbitrarily large, forged JWT payload. Details In situations where a misconfigured — or entirely absent — production-grade web server sits in front of a Python...

9.2CVSS6AI score0.00329EPSS
Exploits1References7
Packet Storm News
Packet Storm News
added 2025/10/21 12:0 a.m.5 views

Evaluating Large Language Models in Detecting Secrets in Android Apps

Mobile apps often embed authentication secrets, such as API keys, tokens, and client IDs, to integrate with cloud services. However, developers often hardcode these credentials into Android apps, exposing them to extraction through reverse engineering. Once compromised, adversaries can exploit...

6.8AI score
Exploits0
OSV
OSV
added 2025/10/15 3:16 p.m.4 views

CVE-2025-56749

Creativeitem Academy LMS up to and including 6.14 uses a hardcoded default JWT secret for token signing. This predictable secret allows attackers to forge valid JWT tokens, leading to authentication bypass and unauthorized access to any user account...

9.4CVSS5.7AI score0.00451EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/10/10 8:26 p.m.8 views

Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

Summary Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving...

7.5CVSS7.2AI score0.00596EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder