CVE-2026-29000 is an authentication bypass vulnerability affecting the pac4j-jwt library. Versions prior to 4.5.9, 5.7.9, and 6.3.3 are vulnerable. For additional technical details about the vulnerability, please refer to the official advisory for CVE-2026-29000.
BigFix Inventory can be used to identify systems in the environment where the affected pac4j-jwt library is deployed, using the custom CIT signatures below.
Two custom CIT signatures have been created:
1. Discovery Signature (All Versions)
- Component Name: pac4j-jwt
- Version: 0.ALL
This signature detects all versions of pac4j-jwt. It can be used to identify where the library is present in the environment and understand where it is deployed or used.
Signature file: https://bigfix.me/signature/details/1271 software_pac4j-jwt-0.ALL.xml
2. Vulnerability Detection Signature (Affected Versions Only)
- Component Name: pac4j-jwt Affected By CVE-2026-29000
- Version: 0.AFFECTED
This signature specifically detects pac4j-jwt versions that are affected by CVE-2026-29000.
Signature file: https://bigfix.me/signature/details/1270 software_pac4j-jwt_Affected_By_CVE-2026-29000-0.AFFECTED.xml
The process for using CIT custom signatures:
- Download the signature file from the URL provided under each type of discovery described above.
- Log in to BigFix Inventory.
- Go to Management → Catalog Customization.
- Import the file with the custom signature.
- Run an import process to allow the BFI server to process the signature and initiate the signature propagation to the endpoints.
- Run a software scan on the endpoints.
- Ensure the Upload Software Scan Result fixlet is running.
- Run an import process to import the scan results.
- Verify the results on the reports.
BigFix Inventory Team
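To spot-check a single endpoint against what the reports show, the following added example (not part of BigFix Inventory or the signatures above) walks a directory for pac4j-jwt jars and classifies each by the version thresholds stated in this post. It assumes the version appears in the jar file name and that each fixed release applies to its own major line; the function names and status labels are hypothetical.

```python
import re
import sys
from pathlib import Path

# First fixed release per major line, from the versions named in this post.
# Assumption: each fix belongs to its own major line (4.x, 5.x, 6.x); anything
# older than 4.x counts as "prior to 4.5.9" and is reported as affected.
FIXED = {4: (4, 5, 9), 5: (5, 7, 9), 6: (6, 3, 3)}

# pac4j-jwt-<major>.<minor>[.<patch>][-qualifier].jar
JAR_RE = re.compile(r"^pac4j-jwt-(\d+)\.(\d+)(?:\.(\d+))?([.-][A-Za-z0-9.-]+)?\.jar$")


def classify(jar_name):
    """Return 'affected', 'not_affected' or 'unknown' for a jar file name."""
    m = JAR_RE.match(jar_name)
    if not m:
        return "unknown"  # not pac4j-jwt, or no version in the file name
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    qualifier = m.group(4)
    major = version[0]
    if major < min(FIXED):
        return "affected"
    if major > max(FIXED):
        return "not_affected"  # not "prior to" any listed fixed release
    fixed = FIXED[major]
    if version < fixed:
        return "affected"
    # A pre-release build of the fixed version (e.g. -SNAPSHOT) may predate
    # the fix, so it is flagged for manual review instead of cleared.
    if version == fixed and qualifier:
        return "unknown"
    return "not_affected"


def scan(root):
    """Return {path: status} for every pac4j-jwt jar found under root.

    Jars bundled inside WAR/EAR/fat-jar archives are not unpacked here.
    """
    return {str(p): classify(p.name) for p in Path(root).rglob("pac4j-jwt-*.jar")}


if __name__ == "__main__":
    for path, status in sorted(scan(sys.argv[1] if len(sys.argv) > 1 else ".").items()):
        print(f"{status:13} {path}")
```

Anything reported as `unknown` needs a manual look at the jar's manifest or `pom.properties`.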