CVE-2026-44351 · CRITICAL 9.1 · EPSS percentile 14.4%

CVE-2026-44351

Description

fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to 6.2.4, a critical authentication-bypass vulnerability in fast-jwt's async key-resolver flow allows any unauthenticated attacker to forge arbitrary JWTs that are accepted as authentic. When the application's key resolver returns an empty string (''), for example via the common keys[decoded.header.kid] || '' JWKS-style fallback, fast-jwt converts it to a zero-length Buffer, hands it to crypto.createSecretKey, derives allowedAlgorithms = ['HS256','HS384','HS512'] from it, and then verifies the token's signature against an empty-key HMAC. The attacker simply computes HMAC-SHA256(key='', input='${header}.${payload}'), which Node accepts without complaint — and the verifier returns the attacker-chosen payload (sub, admin, scopes, etc.) as authentic. This vulnerability is fixed in 6.2.4.

Scoring

CVSS 3.1: 9.1 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.24% probability of exploitation · percentile 14.4% · 2026-06-18T12:00:27Z
Published: 2026-05-13
Last modified: 2026-05-14

Underlying weaknesses (3)

CWE-287, CWE-326, CWE-1391

References

  1. https://github.com/nearform/fast-jwt/security/advisories/GHSA-gmvf-9v4p-v8jc

Type      Target                                    Confidence  Tier
Weakness  Use of Weak Credentials (cwe-1391)        0%          live
Weakness  Improper Authentication (cwe-287)         0%          live
Weakness  Inadequate Encryption Strength (cwe-326)  0%          live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CVE  CVE-2026-34950
CVE  CVE-2026-35039
CVE  CVE-2026-29000
CVE  CVE-2026-48526
CVE  CVE-2025-3177
CVE  CVE-2026-38651
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.