🚨 CRITICAL: pac4j-jwt (pre-4.5.9/5.7.9/6.3.3) vulnerable to auth bypass (CVE-2026-29000). Attackers w/ RSA public key can forge JWTs, impersonate any user. Patch now & audit JWT usage! https://radar.offseq.com/threat/cve-2026-29000-cwe-347-improper-verification-of-cr-c33a53b1 #OffSeq #CVE202629000 #JWT #Security