What is the CVSS score of CVE-2026-42869?

CVE-2026-42869 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of SOCFortress CoPilot are affected by CVE-2026-42869?

SOCFortress CoPilot versions before 0.1.57 contain a critical authentication bypass vulnerability that allows unauthenticated attackers to forge administrator credentials and gain complete control of…. A patch is available.

How to fix or mitigate CVE-2026-42869?

Within 24 hours: Identify all deployed instances of SOCFortress CoPilot and determine active versions (check docker image tags, git history, or version endpoint). Verify whether JWT_SECRET environment variable is explicitly configured in production (if unset, default hardcoded secret applies). Within 7 days: Upgrade all affected instances to SOCFortress CoPilot version 0.1.57 or later, following the vendor's upgrade documentation. Set a cryptographically strong JWT_SECRET value unique per environment and rotate all existing JWT tokens. Within 30 days: Audit access logs for the affected systems to identify unauthorized admin token usage or configuration changes during the vulnerability window; implement JWT signing secret rotation policy and enforce environment-variable configuration validation in deployment pipelines.

SOCFortress CoPilot CVE-2026-42869

EUVD-2026-29184 CRITICAL

Improper Authentication (CWE-287)

2026-05-11 GitHub_M

Authentication Bypass Docker

10.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch available

May 11, 2026 - 20:02 EUVD

Source Code Evidence Fetched

May 11, 2026 - 19:46 vuln.today

Analysis Generated

May 11, 2026 - 19:46 vuln.today

CVE Published

May 11, 2026 - 18:39 nvd

CRITICAL 10.0

DescriptionNVD

SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWT_SECRET is not explicitly set - including the default Docker Compose setup - signs all authentication tokens with this publicly known value. An unauthenticated attacker can forge arbitrary admin-scoped JWTs and gain full control of the application and every security tool it manages without any credentials. This vulnerability is fixed in 0.1.57.

AnalysisAI

Authentication bypass in SOCFortress CoPilot versions prior to 0.1.57 allows remote unauthenticated attackers to forge admin-scoped JWT tokens and gain full control of the security operations platform. The application ships with a publicly known JWT signing secret hardcoded as a fallback value (bL4unrkoxtFs1MT6A7Ns2yMLkduyuqrkTxDV9CjlbNc=) in backend/app/auth/utils.py and .env.example. …

RemediationAI

Within 24 hours: Identify all deployed instances of SOCFortress CoPilot and determine active versions (check docker image tags, git history, or version endpoint). Verify whether JWT_SECRET environment variable is explicitly configured in production (if unset, default hardcoded secret applies). …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-42869 vulnerability details – vuln.today

Back

SOCFortress CoPilot CVE-2026-42869

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code