CVE-2026-42869— SOCFortress CoPilot: Hardcoded JWT secret allows unauthenticated full admin compromise and lateral movement into all integrated SOC tools
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| socfortress | CoPilot | < 0.1.57 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-42869
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SOCFortress CoPilot: Hardcoded JWT secret allows unauthenticated full admin compromise and lateral movement into all integrated SOC tools
Source: NVD (National Vulnerability Database)
Vulnerability Description
SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWT_SECRET is not explicitly set — including the default Docker Compose setup — signs all authentication tokens with this publicly known value. An unauthenticated attacker can forge arbitrary admin-scoped JWTs and gain full control of the application and every security tool it manages without any credentials. This vulnerability is fixed in 0.1.57.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
SOCFortress CoPilot 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SOCFortress CoPilot是SOCFortress开源的一个统一安全运维平台。 SOCFortress CoPilot 0.1.57之前版本存在授权问题漏洞,该漏洞源于硬编码的JWT签名密钥作为后备值,且未明确设置JWT_SECRET的部署使用此公开值,可能导致未认证攻击者伪造任意管理员作用域JWT并完全控制应用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| socfortress | CoPilot | < 0.1.57 | - |
II. Public POCs for CVE-2026-42869
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-42869
请登录查看更多情报信息。
Patch · 2Advisory · 1
IV. Related Vulnerabilities
Same weakness: CWE-287
- CVE-2026-47280
Azure Resource Manager Elevation of Privilege Vulnerability - CVE-2026-41076
RT: LDAP authentication bypass via empty password - CVE-2026-39969
TypeBot: WhatsApp Webhook Endpoint Missing Signature Verific - CVE-2026-32253
Sunshine: Authentication bypass via improper client certific - CVE-2026-44058
Authentication bypass via admin auth user
V. Comments for CVE-2026-42869
No comments yet