CVE Catalog

CVE-2026-42869

Critical
Published: Translated: NVD NIST

Summary

In versions prior to 0.1.57, SOCFortress CoPilot contained a hardcoded JWT signing secret, allowing attackers to forge admin-scoped tokens. If JWT_SECRET is not set, all authentication tokens are signed with this publicly known key.

Risk Assessment

An unauthenticated attacker can gain full control over the application and all security tools it manages, posing a serious threat to the organization's security.

Recommendation

It is recommended to upgrade to version 0.1.57 or later and ensure that JWT_SECRET is always explicitly set in the configuration.

Original NVD description (English source)

SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWT_SECRET is not explicitly set — including the default Docker Compose setup — signs all authentication tokens with this publicly known value. An unauthenticated attacker can forge arbitrary admin-scoped JWTs and gain full control of the application and every security tool it manages without any credentials. This vulnerability is fixed in 0.1.57.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS