EXECUTIVE SUMMARY:
CVE-2026-44351 (CVSS 9.1) is a critical authentication-bypass vulnerability in the fast-jwt library. It affects versions up to and including 6.2.3 when the verifier's key is supplied by an asynchronous callback (a key resolver). If the resolver returns an empty string, the library converts it to a zero-length Buffer and then verifies the token's signature as an HMAC computed with that empty key. An unauthenticated attacker can therefore forge arbitrary JWTs that the library accepts as authentic: compute the HMAC-SHA256 of the token's header and payload (the signing input) with an empty-string key and append the result as the signature. No special knowledge, privileges or user interaction is required.

The impact is full identity assumption: the attacker chooses any subject, role or access level in the forged claims and bypasses authentication entirely. It also includes cache amplification, where a forged token is cached by the application and reused.

The vulnerability is triggered only when the application configures fast-jwt with an asynchronous key callback, that callback returns an empty string or zero-length buffer for the attacker's token, and the configuration allows HMAC signatures, which is the library's default.
RECOMMENDATION:
We recommend updating fast-jwt to version 6.2.4.
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-gmvf-9v4p-v8jc