CVE-2026-32716— SciTokens: Authorization Bypass via Incorrect Scope Path Prefix Checking

CVSS 8.1 · High EPSS 0.01% · P2 Updated Apr 02, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-32716

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

SciTokens: Authorization Bypass via Incorrect Scope Path Prefix Checking

Source: NVD (National Vulnerability Database)

Vulnerability Description

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match (startswith). This allows a token with access to a specific path (e.g., /john) to also access sibling paths that start with the same prefix (e.g., /johnathan, /johnny), which is an Authorization Bypass. This issue has been patched in version 1.9.6.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

scitokens 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

scitokens是SciTokens开源的一个基于JWT的科学计算令牌库。 SciTokens 1.9.6之前版本存在授权问题漏洞，该漏洞源于Enforcer使用简单前缀匹配验证范围路径，可能导致授权绕过。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
scitokens	scitokens	< 1.9.6	-

II. Public POCs for CVE-2026-32716

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-32716

请登录查看更多情报信息。

Same Patch Batch · scitokens · 2026-03-31 · 5 CVEs total

CVE-2026-32714	9.8 CRITICAL	SciTokens vulnerable to SQL Injection in KeyCache
CVE-2026-32725	8.3 HIGH	SciTokens C++: Relative Path Traversal Vulnerability
CVE-2026-32727	8.1 HIGH	SciTokens: Authorization Bypass via Path Traversal in Scope Validation
CVE-2026-32726	8.1 HIGH	SciTokens C++: Sibling-Path Authorization Bypass

IV. Related Vulnerabilities

Same product: scitokens

Same vendor: scitokens

Same weakness: CWE-285

V. Comments for CVE-2026-32716

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-32716— SciTokens: Authorization Bypass via Incorrect Scope Path Prefix Checking

I. Basic Information for CVE-2026-32716

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-32716

III. Intelligence Information for CVE-2026-32716

Same Patch Batch · scitokens · 2026-03-31 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-32716

Leave a comment