Authlib Vulnerabilities
Comprehensive security vulnerability database for Authlib products
| CVE ID | CVSS Score | Description | Vendor / Product | Exploit Status | Date |
|---|---|---|---|---|---|
| CVE-2026-28802 | 7.7 | This vulnerability allows an attacker to bypass security checks by sending a specially crafted JSON Web Token (JWT) that appears valid, even though it should be rejected. It affects versions of the Authlib library from 1.6.5 to just before 1.6.7, meaning any applications using these versions could be tricked into accepting unauthorized access without proper verification. | authlib / authlib | Exploit Available | Mar 6, 2026 |
About Authlib Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Authlib products. Our database is updated in real time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.