CyberRota
← Ana sayfaya dön

CVE-2026-39999

CRITICAL · CVSS 9.1 EPSS %0.39

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-19T14:16:21.950 · Çekilme zamanı: 2026-06-30T18:27:47.346968+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-39999
Severity
CRITICAL
CVSS
9.1
EPSS
%0.39
Apache

Orijinal NVD Açıklaması

Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker can completely bypass authentication capitalising on certain configurations of jwt-auth plugin. This issue affects Apache APISIX: from v2.2 through v3.16.0. Users are recommended to upgrade to version v3.17.0, which fixes the issue.