CVE-2026-1237
Unknown Unknown - Not Provided
Cross-Model Authorization Bypass in Juju Enables Unauthorized Access

Publication date: 2026-01-28

Last updated on: 2026-01-28

Assigner: Canonical Ltd.

Description
Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or expired permissions. This allows a charm to continue relating to another charm in a cross-model relation, and use their workload without their permission. No fix is available as of the time of writing.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-28
Last Modified
2026-01-28
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-14
NVD
CVE-2026-1237
EUVD
EUVD-2026-4900
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
juju juju *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
CWE-672 The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves a flaw in juju's cross-model authorization. If a charm's cross-model permissions are revoked or expire, a malicious user who can update database records can create an invalid macaroon that the juju controller incorrectly validates. This allows the charm to keep permissions that should have been revoked or expired, enabling it to continue interacting with another charm and using its workload without permission.

Impact Analysis

The vulnerability allows a charm to maintain access and interact with another charm's workload even after its permissions have been revoked or expired. This unauthorized access can lead to misuse of resources, potential data exposure, or unintended operations within the juju environment.

Mitigation Strategies

Since no fix is available as of the time of writing, immediate mitigation steps are not specified. It is recommended to monitor juju charm permissions carefully and restrict database update access to trusted users only to reduce the risk of malicious macaroon minting.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1237. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart