Back to CVE List

CVE-2026-49998

HIGH SEVERITY

CVSS Score & Metrics

Base Score
8.2 / 10

Vulnerability Description

Centrifugo's dynamic JWKS key cache keyed only by `kid` allows cross-issuer JWT authentication bypass

Vulnerability Details

Published Date
Last Modified
Source
GitHub
Vendor
go
Product
github.com/centrifugal/centrifugo/v6

External References

Discussion (0)

Add Comment

No comments yet. Be the first!