2477934 – (CVE-2026-44699) CVE-2026-44699 libjwt: libjwt: Authentication bypass via algorithm confusion in JWT verification

Bug 2477934 (CVE-2026-44699) - CVE-2026-44699 libjwt: libjwt: Authentication bypass via algorithm confusion in JWT verification

Summary: CVE-2026-44699 libjwt: libjwt: Authentication bypass via algorithm confusion ...

Keywords:
Status:	NEW
Alias:	CVE-2026-44699
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-05-15 17:01 UTC by OSIDB Bzimport
Modified:	2026-05-18 12:58 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-05-15 17:01:25 UTC

LibJWT is a C JSON Web Token Library. From 3.0.0 to 3.3.2, libjwt accepts an RSA JWK that does not contain an alg parameter as the verification key for an HS256/HS384/HS512 token. In the OpenSSL backend, this causes HMAC verification to run with a zero-length key, so an attacker can forge a valid JWT without knowing any secret or RSA private key. This is an algorithm-confusion authentication bypass. It affects applications that load RSA keys from JWKS where alg is omitted, which is valid JWK syntax and common in real deployments, and then choose the verification algorithm from the JWT header, for example in a kid lookup callback. This vulnerability is fixed in 3.3.3.

Note You need to log in before you can comment on or make changes to this bug.