CVE-2026-32714
SciTokens before v1.9.6 is affected: the KeyCache class builds SQL queries using Python string formatting, allowing SQL injection via user-supplied data (issuer, key_id) that could compromise the local SQLite database. The issue is fixed in v1.9.6. Affected software: SciTokens library; vulnerabil...