@pentesterlab.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

PentesterLab

pentesterlab.com

did:plc:vsjziuri7y2hxzp3vnazcsoh

🪲 CVE-2026-23993: JWT authentication bypass in HarbourJwt via “unknown alg” I hope no one will mind that I put my own content in there. I^WClaude found a JWT bypass in HarbourJwt: https://pentesterlab.com/blog/cve-2026-23993-harbourjwt-unknown-alg-jwt-bypass

2026-02-02T00:26:18.570Z