Is Jwt Attack affected by EUVD-2026-18533?

CVE-2026-34840 is a high-severity authentication bypass in OneUptime's SAML SSO implementation that allows authenticated users to impersonate any other user in the system.

EUVD-2026-18533

| CVE-2026-34840 HIGH

2026-04-02 GitHub_M

8.1

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 02, 2026 - 19:31 vuln.today

EUVD ID Assigned

Apr 02, 2026 - 19:31 euvd

EUVD-2026-18533

CVE Published

Apr 02, 2026 - 18:52 nvd

HIGH 8.1

Description

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, OneUptime's SAML SSO implementation (App/FeatureSet/Identity/Utils/SSO.ts) has decoupled signature verification and identity extraction. isSignatureValid() verifies the first <Signature> element in the XML DOM using xml-crypto, while getEmail() always reads from assertion[0] via xml2js. An attacker can prepend an unsigned assertion containing an arbitrary identity before a legitimately signed assertion, resulting in authentication bypass. This issue has been patched in version 10.0.42.

Analysis

Authentication bypass in OneUptime SAML SSO implementation allows authenticated attackers to impersonate arbitrary users by exploiting XML signature verification logic flaws. Affected versions prior to 10.0.42 decouple signature validation from identity extraction, enabling XML injection attacks where an unsigned assertion with attacker-controlled identity precedes a legitimately signed assertion. …

Remediation

Within 24 hours: Inventory all OneUptime instances and document current versions; audit SAML SSO configuration and recent authentication logs for suspicious session activity or unusual privilege escalations. Within 7 days: Implement SAML assertion validation at the application layer (verify signature and identity extraction occur atomically); consider supplementary authentication factors for sensitive operations. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +40

POC: 0

EUVD-2026-18533 vulnerability details – vuln.today

Back

EUVD-2026-18533

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-18533

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code