Tag: Java security

The Null-Signature Trap: Unmasking the 10.0 CVSS Authentication Bypass in pac4j-jwt
A critical vulnerability has been found in pac4j-jwt, a widely used Java authentication library, that lets an attacker impersonate any user of the system, administrators included. The flaw is tracked as CVE-2026-29000 and carries the maximum CVSS score of 10.0. The defect was brought to light by the CodeAnt…