CVE-2026-23996 | Athroniaeth fastapi-api-key up to 1.0.x verify_key timing discrepancy (GHSA-95c6-p277-p87g)

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability has been found in Athroniaeth fastapi-api-key up to 1.0.x and classified as problematic. Affected by this issue is the function verify_key. The manipulation leads to observable timing discrepancy.

This vulnerability is listed as CVE-2026-23996. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-23996 | Athroniaeth fastapi-api-key up to 1.0.x verify_key timing discrepancy (GHSA-95c6-p277-p87g)

Post correlati

CVE-2025-11156 | Netskope Client up to R131 on Windows null pointer dereference (kpsa-2025-005)

CVE-2023-46052 | Sane 1.2.1 Config File init_options buffer overflow

CVE-2023-51558 | Foxit PDF Reader AcroForm Doc out-of-bounds (ZDI-23-1871)

CVE-2025-7122 | Campcodes Complaint Management System 1.0 /admin/index.php Username sql injection