CVE Alert

CVE-2026-48523

MEDIUM 5.4

PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys

CVSS Score 5.4
EPSS Score 0.0%
EPSS Percentile 0th

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode() or jwt.decode_complete() are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature verification is performed with the algorithm bound to the PyJWK object instead of the header algorithm. An attacker who controls a registered JWK/JWKS private key can sign with a disallowed algorithm, advertise an allowed algorithm in the JWT header, and still be accepted. The issue affects the documented PyJWKClient.get_signing_key_from_jwt(...) flow. This vulnerability is fixed in 2.13.0.
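The gap the advisory describes is that the header `alg` is checked against the allow-list while the signature is verified with the algorithm bound to the `PyJWK` key, so the two can disagree. A caller-side mitigation is to refuse any token whose header `alg` is not on the allow-list or differs from the key's bound algorithm, and then pass exactly that one algorithm to `jwt.decode(..., algorithms=[alg])`. The example below is added here and is not PyJWT's code or the advisory's; it deliberately does not import PyJWT so it runs stand-alone, and it reimplements only the unverified header parsing (the role `jwt.get_unverified_header` plays). The function names, the allow-list and the constructed tokens are assumptions; the key's bound algorithm would come from the key object (PyJWT's `PyJWK` exposes it as `algorithm_name`, an attribute name stated from memory, not from the page).

```python
import base64
import json
from typing import Optional, Sequence

# Constructed verifier policy for this example: the only algorithms we accept.
ALLOWED_ALGORITHMS = ("RS256", "ES256")


def _b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding that JWTs strip."""
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment.encode("ascii"))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def unverified_header(token: str) -> dict:
    """Return the JOSE header without verifying anything (hypothetical helper)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("token must have exactly three segments")
    header = json.loads(_b64url_decode(parts[0]))
    if not isinstance(header, dict):
        raise ValueError("JOSE header is not a JSON object")
    return header


def select_verification_algorithm(
    token: str,
    key_algorithm: Optional[str],
    allowed: Sequence[str] = ALLOWED_ALGORITHMS,
) -> str:
    """Pick the single algorithm the verifier may use for this token and key.

    Raises ValueError when the header alg is missing, not on the allow-list,
    or different from the algorithm bound to the key. The return value is the
    one to pass as algorithms=[...] to jwt.decode, so the allow-list check and
    the signature check can no longer diverge.
    """
    alg = unverified_header(token).get("alg")
    if not isinstance(alg, str) or not alg:
        raise ValueError("JWT header has no usable alg")
    if alg not in allowed:
        raise ValueError(f"alg {alg!r} is not on the allow-list")
    if key_algorithm is None:
        # A key with no bound algorithm gives the verifier nothing to pin to.
        raise ValueError("key has no bound algorithm; refuse to guess")
    if alg != key_algorithm:
        raise ValueError(
            f"header alg {alg!r} does not match key algorithm {key_algorithm!r}"
        )
    return alg


def is_accepted(token: str, key_algorithm: Optional[str]) -> bool:
    """True when the token/key pair passes the pinning check above."""
    try:
        select_verification_algorithm(token, key_algorithm)
        return True
    except ValueError:
        return False


def make_unsigned_token(alg: str) -> str:
    """Construct a token with the given header alg. The signature segment is a
    dummy: only header parsing is exercised here, never signature verification."""
    header = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps({"sub": "example"}).encode())
    return f"{header}.{payload}.{_b64url_encode(b'dummy')}"


if __name__ == "__main__":
    # Header and key agree and are allowed: verifier may proceed with RS256.
    print(select_verification_algorithm(make_unsigned_token("RS256"), "RS256"))
    # Header advertises an allowed algorithm but the key is bound to another: rejected.
    print(is_accepted(make_unsigned_token("RS256"), "HS256"))
```

In the real call site the selected value goes straight into `jwt.decode(token, key, algorithms=[alg])`, where `key` is the `PyJWK` returned by `PyJWKClient.get_signing_key_from_jwt(...)`; upgrading to 2.13.0 is still the actual fix, and this check is a belt-and-braces control for verifiers that cannot upgrade immediately.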

CWE CWE-347
Vendor jpadilla
Product pyjwt
Published May 28, 2026
Last Updated May 28, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity Low
Availability None

Affected Versions

jpadilla / pyjwt
>= 2.9.0, < 2.13.0

References

NVD · CVE.org · EPSS Data
github.com: https://github.com/jpadilla/pyjwt/security/advisories/GHSA-jq35-7prp-9v3f