CVE 9.1 CRITICAL

CVE-2026-36727_CVE-2026-36727

June 10, 2026 invoker category_cve
9.1 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token.

AI Analysis

Insecure authentication vulnerability allowing attackers to bypass authentication via a forged JWT token

Basic Information

ID CVE-2026-36727
Source mitre
Published Jun 9, 2026 at 00:00
Modified Jun 10, 2026 at 18:50

Affected Product

Vendor bookcars
Product bookcars
Version v8.3
Affected Versions n/a n/a n/a

CWE Classification

CWE-287

AI Assessment

AI Score 9.1 / 10
AI Severity Critical
Vendor bookcars
Product bookcars
Version v8.3

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.