Lucene search
K

334 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-12593

The implementation of an internal and undocumented Dashboard API endpoint POST /api/users//user/tokens forgot to ensure an HTTP request for creating an API Token for another user had sufficient permission to do so. Precondition for successful exploitation was a preexisting internal user with more...

8.7CVSS0.00281EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-57172

DataEase prior to 2.10.24 is affected by a hardcoded default share link signature key in ShareSecretManage. An attacker who can obtain a passwordless share for a resource and user can use the known key to forge linkToken JWTs (link-pwd-fit2cloud), bypass TokenFilter verification, and access backe...

8.3CVSS5.9AI score0.00289EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-56254

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description The ShareSecretManage component uses a hardcoded default share link signature key. An attacker who obtains a passwordless share for a resource and user can use the known key link-pwd-fit2cloud to...

8.3CVSS6AI score0.00289EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/06 5:37 a.m.6 views

python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

7.4CVSS5.9AI score0.00394EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/02 8:29 a.m.37 views

CVE-2026-14336

PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check issuer.startswith' https://ci.eclipse.org ' in isissuerknown, pia/models.py:139 instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://[email protected]...

8.2CVSS0.00321EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/01 11:9 a.m.6 views

python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

7.4CVSS5.8AI score0.00394EPSS
Exploits1References5
OSV
OSV
added 2026/06/29 11:50 a.m.10 views

PYSEC-2026-287 Authlib JWS JWK Header Injection: Signature Verification Bypass

Description Summary A JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attacker to forge arbitrary JWT tokens that pass signature verification. When key=None is passed to any JWS deserialization function, the library extracts and uses the cryptographic...

9.1CVSS7.4AI score0.00548EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.9 views

SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:2627-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2627-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments...

7.4CVSS5.9AI score0.00394EPSS
Exploits4References13
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5515 Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery in github.com/dhax/go-base

Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery in github.com/dhax/go-base...

5.8AI score0.00055EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5567 Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery in github.com/enchant97/note-mark/backend

Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery in github.com/enchant97/note-mark/backend...

10CVSS5.8AI score0.00124EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 8:11 a.m.3 views

SUSE-SU-2026:2626-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. - CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are...

7.4CVSS5.7AI score0.00394EPSS
Exploits4References11
NVD
NVD
added 2026/06/24 10:16 p.m.10 views

CVE-2026-55666

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by Apple during the OAuth flow. The try block checks for an...

9.3CVSS0.00295EPSS
Exploits0References1
PyPA
PyPA
added 2026/06/21 2:16 p.m.7 views

PYSEC-2026-239

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.8CVSS5.8AI score0.00407EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/21 2:16 p.m.5 views

PYSEC-2026-239

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.3CVSS5.8AI score0.00417EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/21 1:26 p.m.5 views

CVE-2026-56265

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.8CVSS5.9AI score0.00407EPSS
Exploits0References4
OSV
OSV
added 2026/06/16 8:55 a.m.4 views

SUSE-SU-2026:22238-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to urllib.request.urlopen and allows for SSRF and token forgery bsc1266798. - CVE-2026-48523: verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are...

7.4CVSS5.7AI score0.00394EPSS
Exploits4References11
OSV
OSV
added 2026/06/15 7:28 p.m.8 views

GHSA-993G-76C3-P5M4 PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes

!NOTE The library does not directly return non-HTTPS URI contents to the attacker; the chained "plant a JWKS to forge tokens" scenario described in the original report requires additional application-layer flaws attacker write access to a filesystem path, untrusted jku derivation that this fix do...

4.2CVSS5.6AI score0.00181EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/06/15 7:28 p.m.12 views

PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes

!NOTE The library does not directly return non-HTTPS URI contents to the attacker; the chained "plant a JWKS to forge tokens" scenario described in the original report requires additional application-layer flaws attacker write access to a filesystem path, untrusted jku derivation that this fix do...

8.8CVSS5.6AI score0.02214EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/15 7:28 p.m.13 views

PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed

!NOTE Exploitation requires a verifier configured with both symmetric and asymmetric algorithms in algorithms=… and a raw-JSON JWK as the key= argument, both contrary to documented usage, hence the High attack-complexity rating. Summary When the verifier is decoding JSON Web Tokens, while...

7.4CVSS5.4AI score0.00394EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/06/12 6:16 p.m.16 views

CVE-2026-48558

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a...

10CVSS0.0116EPSS
Exploits1References5
Rows per page
Query Builder