CRITICAL
benmcollins
CVE published 2026-05-15
CVE-2026-44699
LibJWT versions 3.0.0 through 3.3.2 contain a critical algorithm confusion vulnerability that enables authentication bypass. The library accepts RSA JWKs lacking an `alg` parameter as verification keys for HMAC-signed tokens (HS256/HS384/HS512). When this occurs with the OpenSSL backend, HMAC verification executes with a zero-length key, allowing attackers to forge valid JWTs without possessing any secret [truncated]
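The defensive gate that the description implies a verifier should apply before any signature check, written here as an added example (not LibJWT's code): a JWK is refused when its `kty` does not belong to the token header's `alg` family, when its own `alg` disagrees with the header, or when an HMAC key carries no secret material. The token and JWKs are constructed sample inputs, not real keys.

```python
import base64
import json

# Which JWK "kty" a token's "alg" may legitimately pair with. Mixing families
# (an RSA public key fed to an HMAC verifier) is the confusion described above.
ALG_TO_KTY = {
    **{a: "oct" for a in ("HS256", "HS384", "HS512")},
    **{a: "RSA" for a in ("RS256", "RS384", "RS512", "PS256", "PS384", "PS512")},
    **{a: "EC" for a in ("ES256", "ES384", "ES512")},
}

def b64url_decode(part: str) -> bytes:
    """Decode unpadded base64url as used in JWS segments and JWK fields."""
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def key_is_acceptable(token: str, jwk: dict) -> tuple[bool, str]:
    """Run before signature verification; returns (True, '') only if jwk may verify token."""
    header = json.loads(b64url_decode(token.split(".")[0]))
    alg = header.get("alg")
    expected_kty = ALG_TO_KTY.get(alg)
    if expected_kty is None:
        return False, f"unsupported or missing alg {alg!r}"
    if jwk.get("kty") != expected_kty:
        return False, f"alg {alg} requires kty {expected_kty}, key has {jwk.get('kty')!r}"
    # JWK "alg" is optional, but when present it must agree with the header.
    if "alg" in jwk and jwk["alg"] != alg:
        return False, f"key alg {jwk['alg']} does not match header alg {alg}"
    # HMAC keys must carry real secret bytes; never let verification run on an empty key.
    if expected_kty == "oct" and len(b64url_decode(jwk.get("k", ""))) == 0:
        return False, "HMAC key material is empty"
    return True, ""

# Constructed sample inputs (hypothetical token and keys, not real material).
HS256_TOKEN = (b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
               + "." + b64url_encode(json.dumps({"sub": "alice"}).encode()) + ".AAAA")
RSA_JWK_NO_ALG = {"kty": "RSA", "n": b64url_encode(b"\x01" * 32), "e": "AQAB"}
OCT_JWK = {"kty": "oct", "alg": "HS256", "k": b64url_encode(b"s" * 32)}
EMPTY_OCT_JWK = {"kty": "oct", "k": ""}

if __name__ == "__main__":
    for name, jwk in [("rsa-no-alg", RSA_JWK_NO_ALG), ("oct", OCT_JWK), ("empty-oct", EMPTY_OCT_JWK)]:
        print(name, key_is_acceptable(HS256_TOKEN, jwk))
```

Only the middle key passes; the RSA JWK without `alg` is rejected on key type alone, so it never reaches the HMAC path that the advisory describes.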