CVE-2026-27478: Authentication Bypass via Dynamic JWKS Discovery in Unity Catalog

DEV Community·CVE Reports·21 days ago

Vulnerability ID: CVE-2026-27478
CVSS Score: 9.1
Published: 2026-05-11

Unity Catalog version 0.4.0 and prior contains a critical authentication bypass vulnerability in the token exchange endpoint. The server dynamically fetches JSON Web Key Sets (JWKS) based on the unverified 'iss' (issuer) claim of incoming JSON Web Tokens (JWTs), allowing unauthenticated attackers to forge tokens and impersonate arbitrary users.

TL;DR

A flaw in Unity Catalog's JWT validation allows complete authentication bypass. By supplying a malicious 'iss' claim, attackers force the server to fetch a public key from an attacker-controlled server to validate a forged token.…
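The bug class above comes down to one decision: where the JWKS used to check a token's signature comes from. The following is an added example written for this page; it is not Unity Catalog code and does not reproduce the project's token exchange endpoint. It puts the flawed pattern (JWKS URL derived from the token's own unverified 'iss') next to the hardened one (a static issuer allowlist mapped to configured JWKS URLs). Every issuer, URL, key id and secret is made up, the "network" is an in-memory dictionary, and HS256 with symmetric "oct" JWKs is used instead of RS256 so the example runs on the Python standard library alone; the key-resolution logic under test is the same either way.

```python
import base64
import hashlib
import hmac
import json

# Constructed fixture: issuers, secrets and URLs invented for this example.
IDP_ISSUER = "https://idp.example.com"
ATTACKER_ISSUER = "https://attacker.example.net"
IDP_SECRET = b"idp-signing-secret-known-only-to-the-idp"
ATTACKER_SECRET = b"secret-the-attacker-chose"


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_oct_jwk(kid: str, secret: bytes) -> dict:
    # Symmetric JWK (RFC 7518 "oct") so no RSA library is needed here.
    return {"kty": "oct", "kid": kid, "alg": "HS256", "k": b64url_encode(secret)}


def sign_jwt(claims: dict, kid: str, secret: bytes) -> str:
    # Minimal HS256 JWT encoder; the attacker can run this just as well as the IdP.
    header = {"alg": "HS256", "typ": "JWT", "kid": kid}
    signing_input = b64url_encode(json.dumps(header).encode()) + "." + b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


# Stand-in for the network: JWKS URL -> JWKS document. The attacker hosts their own.
JWKS_BY_URL = {
    IDP_ISSUER + "/.well-known/jwks.json": {"keys": [make_oct_jwk("idp-key-1", IDP_SECRET)]},
    ATTACKER_ISSUER + "/.well-known/jwks.json": {"keys": [make_oct_jwk("evil-key-1", ATTACKER_SECRET)]},
}

# Hardened configuration: the only issuers accepted, each with its configured JWKS URL.
TRUSTED_ISSUERS = {IDP_ISSUER: IDP_ISSUER + "/.well-known/jwks.json"}


def fetch_jwks(url: str) -> dict:
    # Stand-in for an HTTP GET of the JWKS document.
    if url not in JWKS_BY_URL:
        raise ValueError(f"no JWKS at {url}")
    return JWKS_BY_URL[url]


def split_token(token: str):
    # Parses header and claims WITHOUT verifying anything: 'iss' read here is untrusted input.
    h, p, s = token.split(".")
    return json.loads(b64url_decode(h)), json.loads(b64url_decode(p)), (h + "." + p).encode(), b64url_decode(s)


def verify_with_jwks(token: str, jwks: dict) -> dict:
    # Selects the key by 'kid' and checks the HMAC; returns the claims only on success.
    header, claims, signing_input, sig = split_token(token)
    if header.get("alg") != "HS256":
        raise ValueError("unsupported alg")
    keys = [k for k in jwks["keys"] if k.get("kid") == header.get("kid") and k.get("kty") == "oct"]
    if not keys:
        raise ValueError("no matching key")
    expected = hmac.new(b64url_decode(keys[0]["k"]), signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise ValueError("bad signature")
    return claims


def validate_vulnerable(token: str) -> str:
    """Flawed pattern: the JWKS location is derived from the token's own unverified 'iss'."""
    _, claims, _, _ = split_token(token)
    jwks = fetch_jwks(claims["iss"].rstrip("/") + "/.well-known/jwks.json")
    return verify_with_jwks(token, jwks)["sub"]


def validate_hardened(token: str) -> str:
    """Fixed pattern: 'iss' must be on a static allowlist; the JWKS URL comes from config, not the token."""
    _, claims, _, _ = split_token(token)
    jwks_url = TRUSTED_ISSUERS.get(claims.get("iss"))
    if jwks_url is None:
        raise ValueError("untrusted issuer")
    return verify_with_jwks(token, fetch_jwks(jwks_url))["sub"]


def accepted_subject(validator, token: str):
    # Returns the authenticated subject, or None if the validator rejected the token.
    try:
        return validator(token)
    except ValueError:
        return None


LEGIT_TOKEN = sign_jwt({"iss": IDP_ISSUER, "sub": "alice"}, "idp-key-1", IDP_SECRET)
FORGED_TOKEN = sign_jwt({"iss": ATTACKER_ISSUER, "sub": "admin"}, "evil-key-1", ATTACKER_SECRET)

if __name__ == "__main__":
    print("vulnerable resolver accepts forged token as:", accepted_subject(validate_vulnerable, FORGED_TOKEN))
    print("hardened resolver accepts forged token as:", accepted_subject(validate_hardened, FORGED_TOKEN))
    print("hardened resolver accepts legitimate token as:", accepted_subject(validate_hardened, LEGIT_TOKEN))
```

The forged token has a perfectly valid signature; the vulnerable resolver simply asks the wrong party which key to trust. Note that the hardened version also fixes a second problem the flawed one has even with an allowlist: it never lets the token choose the JWKS URL, so an issuer string that merely resembles a trusted one (a subdomain, a trailing path) cannot redirect the fetch.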
