CVE-2026-49998
Received Received - Intake

JWKS Key Reuse in Centrifugo JWT Verification

Vulnerability report for CVE-2026-49998, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: GitHub, Inc.

Description

Centrifugo is an open-source scalable real-time messaging server. Prior to 6.8.1, Centrifugo dynamic JWKS endpoint verification could reuse a key for one allowed issuer to verify a JWT for another allowed issuer because the JWKS cache and singleflight lookup were keyed only by JWT header kid, not by the resolved JWKS endpoint, issuer, audience, or trust-domain namespace, affecting client.token.jwks_public_endpoint, client.subscription_token.jwks_public_endpoint, internal/jwks/cache.go, and internal/jwks/manager.go. This issue is fixed in version 6.8.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-17
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
centrifugal centrifugo 6.8.0
centrifugal centrifugo 6.8.1
centrifugal centrifugo to 6.8.1 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in Centrifugo versions before 6.8.1 allows an attacker to bypass JWT authentication across different issuers or tenants. The issue occurs because the JWKS cache and key lookup are only keyed by the JWT header's 'kid' field, not by the resolved JWKS endpoint or trust domain. This means a key cached for one issuer could be reused to verify tokens for another issuer if both use the same 'kid' value.

Detection Guidance

To detect this vulnerability, check if your Centrifugo version is below 6.8.1. Run: centrifugo --version. If the output shows a version older than 6.8.1, the system is vulnerable. Additionally, inspect JWKS endpoint configurations for multi-tenant setups using templated URLs like {{.iss}} or {{.aud}.

Impact Analysis

An attacker could exploit this to authenticate as users in other issuer or tenant namespaces, leading to unauthorized access. This could result in confidentiality and integrity breaches, allowing the attacker to impersonate users, access sensitive data, or perform actions on behalf of other users.

Compliance Impact

This vulnerability could lead to unauthorized access to personal or sensitive data, violating GDPR's data protection principles and HIPAA's security requirements. It may result in data breaches, unauthorized disclosures, or integrity violations, potentially leading to regulatory penalties and loss of trust.

Mitigation Strategies

Upgrade Centrifugo to version 6.8.1 or later immediately. If upgrading is not possible, disable dynamic JWKS endpoint verification or ensure all JWKS endpoints use unique kid values across issuers. Review multi-tenant configurations to confirm no shared cache keys exist between tenants.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49998. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart