PT-2026-30280 · Fast-Jwt · Fast-Jwt

Dmbs335 · Published 2026-04-03 · Updated 2026-04-06 · CVE-2026-35042

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: fast-jwt versions 6.1.0 and earlier

Description: fast-jwt does not validate the 'crit' (Critical) Header Parameter as defined in RFC 7515 §4.1.11. When a JWS token includes a 'crit' array listing extensions that fast-jwt does not understand, the library accepts the token instead of rejecting it, violating the RFC's MUST requirement. This can lead to split-brain verification in mixed-library environments (one verifier accepts a token that another rejects), security policy bypass when 'crit' carries enforcement semantics, and token binding bypass. The 'crit' parameter names the header extensions a recipient must understand and process; if a recipient does not support one of them, it must reject the JWT. The proof of concept shows that a token listing an unsupported critical extension ('x-custom-policy') is accepted by fast-jwt, while a library such as jose correctly rejects it.

Recommendations: Update to a version of fast-jwt that includes validation for the 'crit' header parameter. In src/verifier.js, add 'crit' validation after header decoding, ensuring that only supported critical extensions are accepted and that every listed critical extension is actually present in the header.


Weakness Enumeration: Insufficient Verification of Data Authenticity

Related Identifiers

CVE-2026-35042
GHSA-HM7R-C7QW-GHP6

Affected Products

Fast-Jwt