CVE-2026-48526 | jpadilla pyjwt up to 2.12.x JSON Web Token improper authentication (GHSA-xgmm-8j9v-c9wx / WID-SEC-2026-1923)
A vulnerability was found in jpadilla pyjwt up to 2.12.x. It has been classified as critical. This issue affects some unknown processing of the component JSON Web Token Handler. Performing a manipulation results in improper authentication.
This vulnerability is reported as CVE-2026-48526. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is recommended.