CVE-2026-35039
Published: 06 April 2026
Summary
CVE-2026-35039 is a critical-severity Insufficient Verification of Data Authenticity (CWE-345) vulnerability in Nearform Fast-Jwt. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 5.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and CM-6 (Configuration Settings).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Flaw remediation directly mitigates CVE-2026-35039 by requiring upgrade to fast-jwt version 6.2.0 or later, which patches cache key generation to prevent collisions during JWT verification.
Configuration settings ensure the custom cacheKeyBuilder in fast-jwt generates unique keys, preventing cache collisions that lead to token misidentification.
Vulnerability monitoring and scanning identifies deployments using vulnerable fast-jwt versions (0.0.1 to <6.2.0), enabling timely remediation of the cache collision flaw.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability enables remote exploitation of public-facing apps (T1190) via crafted JWTs causing cache collisions, directly facilitating user impersonation and unauthorized access (T1656).
NVD Description
fast-jwt provides fast JSON Web Token (JWT) implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification process leading to valid tokens returning claims from different valid tokens and users being mis-identified as other users based on the wrong token. Version 6.2.0 contains a patch.
Deeper analysis
CVE-2026-35039 affects the fast-jwt library, a fast JSON Web Token (JWT) implementation for Node.js applications, in versions from 0.0.1 up to but not including 6.2.0. The vulnerability arises when developers configure a custom cacheKeyBuilder method that fails to generate unique keys for different tokens, resulting in cache collisions during the JWT verification process. This leads to valid tokens being misidentified, where they return claims from other valid tokens, potentially causing user misidentification. The issue is rated with a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) and is associated with CWEs 345 (Insufficient Verification of Data Authenticity), 706 (Use of Incorrectly-Resolved Name Into a Reference), and 1289 (Improper Validation of Specified Type of Input).
An attacker can exploit this vulnerability remotely over the network with low complexity, no privileges, and no user interaction required. Exploitation requires the target application to use fast-jwt with a flawed custom cacheKeyBuilder implementation. By presenting JWTs whose cache key collides with that of a legitimate token, an attacker can cause the verification process to associate the cached claims of another token with the presented valid token, enabling user impersonation or unauthorized access to another user's privileges and data. The impact on confidentiality and integrity is high; availability is not affected.
The GitHub security advisory (GHSA-rp9m-7r4c-75qg) and the patching commit (de121056c6415b58770c60640881eaec67ac4ceb) confirm that version 6.2.0 of fast-jwt resolves the issue by improving cache key generation to prevent collisions. Security practitioners should upgrade to 6.2.0 or later and review any custom cacheKeyBuilder implementations for proper uniqueness in key generation.
Details
- CWE(s)