CVE-2026-23993

Name of the Vulnerable Software and Affected Versions HarbourJwt (affected versions not specified)

Description A JWT authentication bypass exists in HarbourJwt due to an issue with algorithm handling. Specifically, unsupported algorithms can lead to an empty signature, allowing forged tokens to pass validation. The issue occurs when the algorithm is set to an unknown value, resulting in a bypass of the authentication process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.