CVE-2026-29000
Published 2026-03-04
CVSS 3.1: 9.1 (critical)
EPSS: 5.86% (92.3rd percentile)
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT with arbitrary subject and role claims, bypassing signature verification to authenticate as any user including administrators.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pac4j | pac4j-jwt | >= 4.0 < 4.5.9 | 4.5.9 |
| pac4j | pac4j-jwt | >= 5.0 < 5.7.9 | 5.7.9 |
| pac4j | pac4j-jwt | >= 6.0 < 6.3.3 | 6.3.3 |
Detection & IOCs (extracted from sources)
- Detect JWE-wrapped PlainJWT tokens in authentication flows: a JWT with `alg: none` or no signature wrapped inside a JWE structure is a strong indicator of an exploitation attempt against CVE-2026-29000.
- Monitor JwtAuthenticator processing paths in pac4j-jwt for tokens that are encrypted (JWE) but contain an unsigned/plain inner JWT; this combination should never appear in legitimate traffic.
- Alert on authentication events where elevated role claims (e.g., admin) are asserted via JWT but the token lacks a valid signature, which is indicative of forged tokens exploiting this bypass.
- Vulnerable versions of org.pac4j:pac4j-jwt are prior to 4.5.9, 5.7.9, and 6.3.3; deployments on any of these branches must be patched to the respective fixed version.
- The attack requires the attacker to possess the server's RSA public key; environments where the RSA public key is not publicly exposed reduce (but do not eliminate) exploitability.
- A public exploit exists for this CVE (CVSS 9.3 CRITICAL); prioritize patching and detection given confirmed exploit availability.
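The indicators above all reduce to one server-side rule: a token recovered from a JWE must itself be a signed JWS before its claims are trusted. The following is an added example, not code from pac4j or from this advisory; it assumes it runs on the plaintext obtained after JWE decryption and before JWS signature verification, which must still be performed for anything this gate lets through. The sample tokens are constructed here for illustration.

```python
import base64
import json

def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def _b64url_decode(segment: str) -> bytes:
    # JWT segments omit base64url padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def classify_inner_jwt(plaintext: str) -> str:
    """Classify the token recovered from a decrypted JWE payload.

    Returns "signed" only for a three-part JWS whose header names a real
    algorithm and whose signature segment is non-empty. Every other class
    ("plain", "nested-jwe", "malformed") must not yield authenticated claims.
    """
    parts = plaintext.split(".")
    if len(parts) == 5:
        return "nested-jwe"  # a second JWE layer: unwrap and re-check, never accept as-is
    if len(parts) != 3:
        return "malformed"
    try:
        header = json.loads(_b64url_decode(parts[0]))
    except (ValueError, UnicodeDecodeError):
        return "malformed"
    alg = header.get("alg") if isinstance(header, dict) else None
    if not isinstance(alg, str) or alg.lower() == "none" or parts[2] == "":
        return "plain"  # PlainJWT: nothing to verify, so nothing to trust
    return "signed"

def accept_decrypted_payload(plaintext: str) -> bool:
    """Gate to run between JWE decryption and JWS signature verification."""
    return classify_inner_jwt(plaintext) == "signed"

# Constructed sample tokens, not real captures. CLAIMS mirrors the forged
# subject/role claims the advisory describes; SIGNED_JWT carries a placeholder
# signature, so a real verifier would still reject it at the cryptographic check.
CLAIMS = _b64url_encode(json.dumps({"sub": "admin", "roles": ["ROLE_ADMIN"]}).encode())
PLAIN_JWT = _b64url_encode(b'{"alg":"none"}') + "." + CLAIMS + "."
SIGNED_JWT = (_b64url_encode(b'{"alg":"RS256","typ":"JWT"}') + "." + CLAIMS + "."
              + _b64url_encode(b"\x00" * 32))

if __name__ == "__main__":
    for name, tok in (("PlainJWT", PLAIN_JWT), ("JWS", SIGNED_JWT)):
        print(f"{name}: {classify_inner_jwt(tok)}, accepted={accept_decrypted_payload(tok)}")
```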
CVSS provenance
- NVD, CVSS v3.1: 9.1 CRITICAL. Vector: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N`
- NVD, CVSS v4.0: 9.3 CRITICAL. Vector: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X`
GHSA (2026-03-05): CVE-2026-29000 [CRITICAL] CWE-347 pac4j-jwt: JwtAuthenticator Authentication Bypass via JWE-Wrapped PlainJWT
OSV (2026-03-05): CVE-2026-29000 [CRITICAL] pac4j-jwt: JwtAuthenticator Authentication Bypass via JWE-Wrapped PlainJWT
No detection rules found.
No public exploits indexed.