{"uuid": "c45639e4-1719-4798-a87d-e4f9e0da5462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48526", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwksx74os2e", "content": "CVE-2026-48526 - PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed\nCVE ID : CVE-2026-48526\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : PyJWT is a JSON Web Token implementation in Python. Prior...", "creation_timestamp": "2026-05-28T17:38:22.790548Z"}