Severity:
HIGH RISK
(7.1)
Authentication Bypass via Misused JWT Subject (CWE-287) in Laravel Passport OAuth2 Guard
CVE-2026-39976
Published:
Status:
Awaiting Analysis
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV
