{ "threat_severity" : "Important", "public_date" : "2026-03-16T17:34:38Z", "bugzilla" : { "description" : "authlib: Authlib: Authentication bypass due to JWK Header Injection vulnerability", "id" : "2448164", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2448164" }, "cvss3" : { "cvss3_base_score" : "9.1", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "status" : "verified" }, "cwe" : "CWE-347", "details" : [ "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attacker to forge arbitrary JWT tokens that pass signature verification. When key=None is passed to any JWS deserialization function, the library extracts and uses the cryptographic key embedded in the attacker-controlled JWT jwk header field. An attacker can sign a token with their own private key, embed the matching public key in the header, and have the server accept the forged token as cryptographically valid — bypassing authentication and authorization entirely. This issue has been patched in version 1.6.9.", "A flaw was found in Authlib, a Python library used for creating secure authentication and authorization systems. This vulnerability, known as JWK (JSON Web Key) Header Injection, affects how Authlib verifies digital signatures in JWS (JSON Web Signature) tokens. An attacker can exploit this by creating a specially crafted token that includes their own cryptographic key in the header. When the system attempts to verify this token without a predefined key, it mistakenly uses the attacker's key, allowing them to bypass authentication and gain unauthorized access." ], "statement" : "This critical vulnerability in Authlib's JWS implementation allows unauthenticated attackers to forge JWTs by embedding their own cryptographic key in the token header. Impact is high to confidentiality and integrity as attackers can bypass authentication.\nThe impact for Red Hat Quay is rated as low because it imports authlib solely as a JWK parsing utility and performs all JWT signature verification through PyJWT, so the vulnerable jws.deserialize_compact() code path is never called.\nRed Hat OpenShift AI is not affected, since authlib is only present as a transitive dependency in the dev dependency group and is not included in production image builds, so the vulnerable code is not present in the shipped product.\nRed Hat Satellite is not affected, as authlib is only present as a dependency of fastmcp. In Satellite, fastmcp only invokes authlib using jwt.decode() which isn't able to reach the vulnerability condition even with key=none.", "affected_release" : [ { "product_name" : "Red Hat Quay 3.1", "release_date" : "2026-03-24T00:00:00Z", "advisory" : "RHSA-2026:5665", "cpe" : "cpe:/a:redhat:quay:3.10::el8", "package" : "quay/quay-rhel8:1773971077", "impact" : "low" }, { "product_name" : "Red Hat Quay 3.14", "release_date" : "2026-04-09T00:00:00Z", "advisory" : "RHSA-2026:7314", "cpe" : "cpe:/a:redhat:quay:3.14::el8", "package" : "quay/quay-rhel8:1775512163", "impact" : "low" }, { "product_name" : "Red Hat Quay 3.16", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19375", "cpe" : "cpe:/a:redhat:quay:3.16::el9", "package" : "quay/quay-rhel9:1779204086", "impact" : "low" } ], "package_state" : [ { "product_name" : "Lightspeed Core", "fix_state" : "Not affected", "package_name" : "lightspeed-core/lightspeed-stack-rhel9", "cpe" : "cpe:/a:redhat:lightspeed_core" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-25/lightspeed-chatbot-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/lightspeed-chatbot-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-mlflow-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "satellite/foreman-mcp-server-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-27962\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-27962\nhttps://github.com/authlib/authlib/commit/a5d4b2d4c9e46bfa11c82f85fdc2bcc0b50ae681\nhttps://github.com/authlib/authlib/releases/tag/v1.6.9\nhttps://github.com/authlib/authlib/security/advisories/GHSA-wvwj-cvrp-7pv5" ], "name" : "CVE-2026-27962", "csaw" : false }