Vulnetix
Try Vulnetix Request Demo
CVE-2026-28802 PUBLISHED CVSS 7.699999809265137 HIGH

Authlib: Setting `alg: none` and a blank signature appears to bypass signature verification

EPSS 0.02% · 5.8th percentile

Risk Scores

CVSS v4.0
7.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
EPSS Score
0.02%
5.8th percentile

Affected Products

VendorProductVersions
PyPIauthlib1.6.5, 1.6.5, 1.6.5
authlibauthlib1.6.5, >= 1.6.5, < 1.6.7, 1.6.5

Timeline

References

Open in Interactive Console →