{"uuid": "0088b078-9de0-4287-b080-5b1d8a0c5740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39999", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mosoyvi5jr2z", "content": "Apache APISIX fixed CVE-2026-39999, an authentication-bypass-by-spoofing in the jwt-auth plugin spanning versions 2.2 through 3.16.0. Upgrade to 3.17.0 to close it; the advisory claims a CVSS v4.0 score of 7.0. Is jwt-auth your only gateway authentication layer?\n#security", "creation_timestamp": "2026-06-21T15:33:01.840719Z"}