Vulnerability Description
SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match (startswith). This allows a token with access to a specific path (e.g., /john) to also access sibling paths that start with the same prefix (e.g., /johnathan, /johnny), which is an Authorization Bypass. This issue has been patched in version 1.9.6.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Scitokens | Scitokens Library | < 1.9.6 |
Related Weaknesses (CWE)
References
- https://github.com/scitokens/scitokens/commit/7a237c0f642efb9e8c36ac564b745895ccPatch
- https://github.com/scitokens/scitokens/releases/tag/v1.9.6Release Notes
- https://github.com/scitokens/scitokens/security/advisories/GHSA-w8fp-g9rh-34jhExploitVendor Advisory
FAQ
What is CVE-2026-32716?
CVE-2026-32716 is a vulnerability with a CVSS score of 8.1 (HIGH). SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match (startswith). This allows a t...
How severe is CVE-2026-32716?
CVE-2026-32716 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-32716?
Check the references section above for vendor advisories and patch information. Affected products include: Scitokens Scitokens Library.