PT-2026-21965 · Opensips · Opensis

Pavel Kohout · Published 2026-02-25 · Updated 2026-03-19 · CVE-2026-25554

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: OpenSIPS versions 3.1 through 3.6.3
Description: The software contains a SQL injection issue within the jwt_db_authorize() function of the auth_jwt module when a SQL database backend is used and db_mode is enabled. The function incorporates the tag claim from a JWT directly into a SQL query without first verifying the token's signature. An attacker can craft a malicious JWT with a specially designed tag claim to manipulate the query and bypass authentication, potentially impersonating other users.
Recommendations: Update to version 3.6.4 or later.

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2026-25554

Affected Products: Opensis