{
  "description": "Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.",
  "feed_url": "https://feed.craftedsignal.io/tags/clerk/",
  "home_page_url": "https://feed.craftedsignal.io/",
  "items": [
    {
      "_cs_actors": [],
      "_cs_cves": [],
      "_cs_exploited": false,
      "_cs_products": ["@clerk/shared", "@clerk/backend", "@clerk/nextjs", "@clerk/clerk-js", "@clerk/clerk-react", "@clerk/react", "@clerk/vue", "@clerk/astro", "@clerk/nuxt", "@clerk/clerk-expo", "@clerk/expo", "@clerk/react-router", "@clerk/tanstack-react-start", "@clerk/chrome-extension", "@clerk/fastify", "@clerk/express", "@clerk/hono"],
      "_cs_severities": ["high"],
      "_cs_tags": ["authorization", "bypass", "clerk", "cve-2026-42349"],
      "_cs_type": "advisory",
      "_cs_vendors": ["Clerk"],
      "content_html": "\u003cp\u003eA critical authorization bypass vulnerability has been identified in Clerk\u0026rsquo;s authorization predicates (\u003ccode\u003ehas()\u003c/code\u003e and \u003ccode\u003eauth.protect()\u003c/code\u003e) across multiple SDKs, including \u003ccode\u003e@clerk/shared\u003c/code\u003e, \u003ccode\u003e@clerk/nextjs\u003c/code\u003e, and \u003ccode\u003e@clerk/backend\u003c/code\u003e. This flaw, reported on April 18, 2026, and patched on April 22, 2026, can lead to incorrect authorization decisions when combining multiple authorization dimensions (e.g., reverification with role). Specifically, the predicates may return \u003ccode\u003etrue\u003c/code\u003e even if the user does not satisfy all required conditions, potentially allowing unauthorized access to gated actions. A secondary bypass exists in \u003ccode\u003e@clerk/nextjs\u003c/code\u003e, where \u003ccode\u003eauth.protect()\u003c/code\u003e silently discards authorization parameters under certain conditions. The vulnerability affects applications using specific combinations of authorization checks, emphasizing the need for immediate patching.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies an application utilizing affected Clerk packages and vulnerable authorization checks.\u003c/li\u003e\n\u003cli\u003eThe attacker targets an endpoint protected by a combined authorization check (e.g., requiring a specific role and reverification).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a request that satisfies one, but not all, of the authorization conditions.\u003c/li\u003e\n\u003cli\u003eDue to the bypass vulnerability, the \u003ccode\u003ehas()\u003c/code\u003e or \u003ccode\u003eauth.protect()\u003c/code\u003e predicate incorrectly returns \u003ccode\u003etrue\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe application grants the attacker access to the protected resource or functionality.\u003c/li\u003e\n\u003cli\u003eIn the case of the \u003ccode\u003e@clerk/nextjs\u003c/code\u003e bypass, the attacker might exploit the silent discarding of authorization parameters when \u003ccode\u003eunauthenticatedUrl\u003c/code\u003e, \u003ccode\u003eunauthorizedUrl\u003c/code\u003e, or \u003ccode\u003etoken\u003c/code\u003e are also present in the \u003ccode\u003eauth.protect()\u003c/code\u003e call, effectively bypassing authorization.\u003c/li\u003e\n\u003cli\u003eThe attacker performs unauthorized actions, such as modifying data or accessing restricted areas of the application.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability could lead to unauthorized access to sensitive resources and functionalities within applications using Clerk for authentication and authorization. This could result in data breaches, privilege escalation, and other security incidents. The vulnerability affects a wide range of Clerk packages, potentially impacting a significant number of applications relying on Clerk for access control. Immediate patching is crucial to mitigate the risk of exploitation.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to the latest patch release of the consuming app\u0026rsquo;s framework package as specified in the advisory to remediate CVE-2026-42349.\u003c/li\u003e\n\u003cli\u003eIf immediate upgrade is not feasible, implement the suggested workaround of splitting combined \u003ccode\u003ehas()\u003c/code\u003e or \u003ccode\u003eauth.protect()\u003c/code\u003e calls into sequential single-condition checks as described in the advisory.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eClerkAuthProtectBypass\u003c/code\u003e to detect potential exploitation attempts by monitoring for calls to \u003ccode\u003eauth.protect\u003c/code\u003e that include \u003ccode\u003eunauthenticatedUrl\u003c/code\u003e, \u003ccode\u003eunauthorizedUrl\u003c/code\u003e, or \u003ccode\u003etoken\u003c/code\u003e parameters.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eClerkCombinedAuthCheckBypass\u003c/code\u003e to identify suspicious process creation events that may indicate unauthorized access due to the authorization bypass.\u003c/li\u003e\n\u003c/ul\u003e\n",
      "date_modified": "2026-04-30T18:20:02Z",
      "date_published": "2026-04-30T18:20:02Z",
      "id": "/briefs/2026-04-clerk-auth-bypass/",
      "summary": "Clerk has an authorization bypass vulnerability in multiple packages where the `has()` and `auth.protect()` predicates can incorrectly return true, potentially allowing unauthorized actions.",
      "title": "Clerk Authorization Bypass Vulnerability",
      "url": "https://feed.craftedsignal.io/briefs/2026-04-clerk-auth-bypass/"
    },
    {
      "_cs_actors": [],
      "_cs_cves": [],
      "_cs_exploited": false,
      "_cs_products": [],
      "_cs_severities": ["high"],
      "_cs_tags": ["ssrf", "vulnerability", "clerk", "cloud"],
      "_cs_type": "advisory",
      "_cs_vendors": [],
      "content_html": "\u003cp\u003eThe \u003ccode\u003eclerkFrontendApiProxy\u003c/code\u003e function in \u003ccode\u003e@clerk/backend\u003c/code\u003e versions 3.0.0 through 3.2.2, \u003ccode\u003e@clerk/express\u003c/code\u003e versions 2.0.0 through 2.0.6, \u003ccode\u003e@clerk/hono\u003c/code\u003e versions 0.1.0 through 0.1.4, and \u003ccode\u003e@clerk/fastify\u003c/code\u003e versions 3.1.0 through 3.1.4 is susceptible to a Server-Side Request Forgery (SSRF) vulnerability. This flaw enables an unauthenticated attacker to craft malicious request paths that, when processed by the proxy, result in the application\u0026rsquo;s \u003ccode\u003eClerk-Secret-Key\u003c/code\u003e being transmitted to a server under the attacker\u0026rsquo;s control. Only applications that have explicitly enabled the \u003ccode\u003efrontendApiProxy\u003c/code\u003e feature are affected. This feature is not enabled by default, limiting the scope of potential impact. Notably, \u003ccode\u003e@clerk/nextjs\u003c/code\u003e users are not affected due to the framework\u0026rsquo;s handling of repeated slashes in request paths, which mitigates the vulnerability.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies an application that has the \u003ccode\u003efrontendApiProxy\u003c/code\u003e feature enabled and is running a vulnerable version of \u003ccode\u003e@clerk/backend\u003c/code\u003e, \u003ccode\u003e@clerk/express\u003c/code\u003e, \u003ccode\u003e@clerk/hono\u003c/code\u003e, or \u003ccode\u003e@clerk/fastify\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the proxy endpoint (\u003ccode\u003e/__clerk/\u003c/code\u003e by default). The request path includes double slashes or other path manipulation techniques to bypass intended routing logic.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003eclerkFrontendApiProxy\u003c/code\u003e function processes the crafted request without proper sanitization or validation of the request path.\u003c/li\u003e\n\u003cli\u003eDue to the SSRF vulnerability, the proxy makes an internal request to an unintended destination, potentially including an attacker-controlled server.\u003c/li\u003e\n\u003cli\u003eThe application\u0026rsquo;s \u003ccode\u003eClerk-Secret-Key\u003c/code\u003e is inadvertently included in the headers or body of the internal request made by the proxy.\u003c/li\u003e\n\u003cli\u003eThe attacker-controlled server receives the request containing the \u003ccode\u003eClerk-Secret-Key\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts the \u003ccode\u003eClerk-Secret-Key\u003c/code\u003e from the captured request.\u003c/li\u003e\n\u003cli\u003eWith the compromised \u003ccode\u003eClerk-Secret-Key\u003c/code\u003e, the attacker can impersonate the application, access protected resources, or perform other unauthorized actions within the Clerk ecosystem.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SSRF vulnerability allows an attacker to obtain the \u003ccode\u003eClerk-Secret-Key\u003c/code\u003e of a vulnerable application. While internal logs from Clerk show no evidence of active exploitation, the potential impact of a compromised secret key is significant. An attacker with the key can impersonate the application, potentially leading to unauthorized access to user data, modification of application settings, or other malicious activities. The severity is further heightened because a successful attack can occur without authentication.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to the patched version of \u003ccode\u003e@clerk/backend\u003c/code\u003e (3.2.3), \u003ccode\u003e@clerk/express\u003c/code\u003e (2.0.7), \u003ccode\u003e@clerk/hono\u003c/code\u003e (0.1.5), or \u003ccode\u003e@clerk/fastify\u003c/code\u003e (3.1.5) immediately if you are using the \u003ccode\u003efrontendApiProxy\u003c/code\u003e feature.\u003c/li\u003e\n\u003cli\u003eRotate your Clerk Secret Key in the \u003ca href=\"https://dashboard.clerk.com\"\u003eClerk Dashboard\u003c/a\u003e under \u003cstrong\u003eAPI Keys\u003c/strong\u003e after upgrading to mitigate potential compromise, as recommended by the advisory.\u003c/li\u003e\n\u003cli\u003eAudit access logs for requests to your proxy endpoint (\u003ccode\u003e/__clerk/\u003c/code\u003e by default) containing double slashes in the path to detect potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule provided below to identify requests with double slashes to the Clerk proxy endpoint.\u003c/li\u003e\n\u003c/ul\u003e\n",
      "date_modified": "2026-03-28T12:00:00Z",
      "date_published": "2026-03-28T12:00:00Z",
      "id": "/briefs/2026-03-clerk-ssrf/",
      "summary": "A server-side request forgery (SSRF) vulnerability exists in the `clerkFrontendApiProxy` function of the `@clerk/backend` package, allowing an unauthenticated attacker to send the application's `Clerk-Secret-Key` to an attacker-controlled server.",
      "title": "Clerk SSRF Vulnerability in frontendApiProxy Allows Secret Key Leakage",
      "url": "https://feed.craftedsignal.io/briefs/2026-03-clerk-ssrf/"
    }
  ],
  "language": "en",
  "title": "CraftedSignal Threat Feed — Clerk",
  "version": "https://jsonfeed.org/version/1.1"
}