Scitokens — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/scitokens/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 31 Mar 2026 03:17:16 +0000SciTokens Authorization Bypass Vulnerability (CVE-2026-32716)https://feed.craftedsignal.io/briefs/2026-04-scitokens-auth-bypass/Tue, 31 Mar 2026 03:17:16 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-04-scitokens-auth-bypass/SciTokens versions prior to 1.9.6 incorrectly validate scope paths using a prefix match, leading to an authorization bypass vulnerability where a token with access to a specific path can access sibling paths with the same prefix.<p>SciTokens is a reference library for generating and using SciTokens. Versions prior to 1.9.6 are vulnerable to an authorization bypass. The vulnerability, identified as CVE-2026-32716, stems from incorrect validation of scope paths within the Enforcer component. Instead of performing an exact match, the Enforcer uses a simple prefix match (startswith). This flaw allows a token authorized for a specific path (e.g., <code>/john</code>) to also gain unauthorized access to sibling paths sharing the same…</p> highadvisoryauthorization-bypassscitokensCVE-2026-32716SciTokens Library Path Traversal Vulnerability (CVE-2026-32727)https://feed.craftedsignal.io/briefs/2024-01-23-scitokens-path-traversal/Tue, 31 Mar 2026 03:15:57 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-01-23-scitokens-path-traversal/A path traversal vulnerability (CVE-2026-32727) in SciTokens library versions prior to 1.9.7 allows attackers to bypass intended directory restrictions using dot-dot sequences in the scope claim of a token due to improper path normalization.The SciTokens library, a reference implementation for generating and using SciTokens, is susceptible to a path traversal vulnerability affecting versions prior to 1.9.7. This vulnerability, identified as CVE-2026-32727, stems from the library’s Enforcer component. An attacker can exploit this flaw by crafting a malicious token containing a scope claim with “dot-dot” (..) sequences. These sequences allow the attacker to navigate outside the intended directory restriction, potentially accessing…

]]>highadvisoryscitokenspath-traversalcve-2026-32727vulnerabilitySciTokens KeyCache SQL Injection Vulnerability (CVE-2026-32714)https://feed.craftedsignal.io/briefs/2026-03-scitokens-sqli/Tue, 31 Mar 2026 03:15:55 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-scitokens-sqli/A SQL injection vulnerability exists in SciTokens versions before 1.9.6, allowing attackers to execute arbitrary SQL commands via the KeyCache class by manipulating user-supplied data used in SQL query construction.SciTokens is a reference library for generating and using SciTokens. A critical SQL injection vulnerability, identified as CVE-2026-32714, affects SciTokens versions prior to 1.9.6. The vulnerability resides within the KeyCache class, which improperly utilizes Python’s str.format() to construct SQL queries. This allows an attacker to inject arbitrary SQL commands by manipulating user-supplied data, such as the issuer and key_id parameters, during interactions with the local SQLite…

]]>criticaladvisorysql-injectionscitokenscve-2026-32714web-application