2 matches found
CVE-2026-28802
A flaw was found in Authlib, a Python library for building OAuth and OpenID Connect servers. A remote attacker can exploit this vulnerability by crafting a malicious JSON Web Token (JWT) with a "none" algorithm and an empty signature. This bypasses the expected signature verification, potentially...
CVE-2026-28802
creationtimestamp | type | source
---|---|---
2026-03-04 14:32:31+00:00 | published-proof-of-concept | https://github.com/authlib/authlib/security/advisories/GHSA-7wc2-qxgw-g8gg
2026-03-06 08:19:51+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mgeuvsntg22e...