12 matches found
CVE-2026-41164 nuts-node: JWT type confusion in v1 access token introspection allows VP replay as access token
nuts-node is the reference implementation of the Nuts specification. Prior to 6.2.3 and 5.4.31, the v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims...
CVE-2026-41164 nuts-node: JWT type confusion in v1 access token introspection allows VP replay as access token
nuts-node is the reference implementation of the Nuts specification. Prior to 6.2.3 and 5.4.31, the v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims...
EUVD-2026-31940
nuts-node is the reference implementation of the Nuts specification. Prior to 6.2.3 and 5.4.31, the v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims...
CVE-2026-41164
nuts-node is the reference implementation of the Nuts specification. Prior to 6.2.3 and 5.4.31, the v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the /auth/v1/introspectaccesstoken endpoint, which accepts any JWT signed by a key present on the node without validating the JWT type, issuer-to-key binding, or required claims. An...
GHSA-9HMG-827W-9RHJ nuts-node has JWT type confusion in v1 access token introspection that allows VP replay as access token
Summary The v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims. This allows a Verifiable Presentation VP JWT to be replayed as an access token and...
nuts-node has JWT type confusion in v1 access token introspection that allows VP replay as access token
Summary The v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims. This allows a Verifiable Presentation VP JWT to be replayed as an access token and...
PT-2026-37245
Name of the Vulnerable Software and Affected Versions nuts-node versions prior to 5.4.31 nuts-node versions prior to 6.2.3 Description The v1 access token introspection endpoint '/auth/v1/introspect access token' accepts any JSON Web Token JWT signed by a key present on the node without validatin...
Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders
Summary The revocation scheme that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model. Notably, a malicious verifier may be able to generate a unique identifier for a holder providing a...
Credentials Verification Bypass
vp-toolkit is vulnerable to credentials verification bypass. The verifyVerifiablePresentation function verifies the cryptographic integrity of the Verifiable Presentation but failure to check if the credentialSubject.id matches the signer of the VP proof allows to bypass the verification...
GHSA-FF5X-W9WG-H275 Holder can generate proof of ownership for credentials it does not control in vp-toolkit
Impact The verifyVerifiablePresentation method check the cryptographic integrity of the Verifiable Presentation, but it does not check if the credentialSubject.id DID matches the signer of the VP proof. The verifier is impacted by this vulnerability. Patches Patch will be available in version...
Holder can generate proof of ownership for credentials it does not control in vp-toolkit
Impact The verifyVerifiablePresentation method check the cryptographic integrity of the Verifiable Presentation, but it does not check if the credentialSubject.id DID matches the signer of the VP proof. The verifier is impacted by this vulnerability. Patches Patch will be available in version...