{"uuid": "1849d130-1b2b-405e-8f17-88ec023f2a22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39999", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3mossamtmun2y", "content": "If your stack runs Apache APISIX with jwt-auth, CVE-2026-39999 affects versions 2.2 through 3.16.0, which is most deployments out there. An attacker could bypass authentication by spoofing. 3.17.0 fixes it. When did you last audit which gateway plugins are exposed?\n#APISIX", "creation_timestamp": "2026-06-21T16:31:02.195844Z"}