External risk intelligence

pac4j-jwt Authentication Bypass via Encrypted JWT Forgery

CVE advisorySeverity: CRITICAL (CVSS 9.3)

CVE-2026-29000

The vulnerability exists in a security framework component designed specifically for authentication and authorization in web applications. Because these components are typically integrated into web services and APIs to handle user sessions and identity verification, they are commonly exposed as part of internet-facing web application entry points.

Authentication Bypass

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

A vulnerability in the pac4j-jwt library could allow attackers to bypass authentication by forging tokens, potentially impersonating any user, including administrators. This issue affects systems that use this specific security component for managing user identities and access. The primary concern is confirming if and where this technology is in use to assess potential exposure.

  • Authentication bypass in a security library.
  • Allows impersonation of any user, including admins.
  • Confirm relevance and exposure to affected systems.

Attack Path

How an attacker could exploit the issue

An attacker could forge authentication tokens by exploiting a vulnerability in how pac4j-jwt handles encrypted JWTs. This is possible if the attacker obtains the server's RSA public key, allowing them to create a malicious token that bypasses signature verification and impersonates any user, including administrators.

  • Attacker must possess the server's RSA public key.
  • A specially crafted, JWE-wrapped PlainJWT triggers the bypass.
  • Enables impersonation of any user, including administrators.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability in JWT authentication could allow remote attackers to bypass authentication by forging tokens. When supported by the advisory's context, attackers possessing the server's RSA public key could create malicious JWE-wrapped PlainJWTs to impersonate any user, including administrators.

  • Forged authentication tokens.
  • Bypassing signature verification.
  • Unauthorized access to systems.

Operational Fix

Recommended remediation, mitigation, and detection steps

Real-world ownership for this vulnerability likely falls to application development or platform teams responsible for identity and access management, especially those using the affected Java security library. The first practical step is to identify all services that utilize pac4j-jwt for JWT processing, confirm their exposure and criticality, and then coordinate with the accountable application or platform owner to plan remediation.

  • Application or platform teams own the issue.
  • Verify all pac4j-jwt implementations.
  • Plan remediation based on exposure and criticality.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is the pac4j-jwt library used for?

pac4j-jwt is a Java security component commonly integrated into web applications and APIs. Its primary purpose is to manage identity verification and handle user sessions by processing JSON Web Tokens (JWTs). Developers use this library to simplify the implementation of authentication and authorization protocols, making it a foundational piece of the identity layer for many web services.

How does CVE-2026-29000 allow authentication bypass?

This vulnerability is classified as Improper Verification of Cryptographic Signature (CWE-347). It occurs because the library fails to properly validate the signature of encrypted JWTs. By leveraging the server's RSA public key, an attacker can craft a malicious JWE-wrapped token that the system incorrectly accepts as legitimate, allowing the attacker to specify arbitrary user identities and role claims.

Do I need a server's RSA public key to trigger this bug?

Yes, exploiting this vulnerability requires the attacker to possess the specific RSA public key used by the target server. Without this key, an attacker cannot forge the necessary JWE-wrapped PlainJWT required to impersonate a user. This bug is not triggered by standard, validly signed tokens or by interactions that do not involve this specific encryption handling path.

Is my system at risk according to Halo Surface Signal?

Halo Surface Signal identifies this as a 'Likely' risk because pac4j-jwt is a security framework component. Since these components are integrated into web services and APIs to handle identity, they are frequently found on internet-facing entry points. Systems using affected versions that process encrypted JWTs from external sources are considered to have a higher potential for exposure.

What is the first step to address CVE-2026-29000?

The immediate priority is to identify every application or microservice within your environment that relies on the pac4j-jwt library for processing encrypted JWTs. Once you have an inventory of these implementations, verify the specific library versions in use. Coordinate with your application development or platform teams to prioritize updates for any services identified as running vulnerable versions.

References