CVE-2026-12616 Blast Radius
MEDIUM • CVSS 6.9The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates that string…
Is Your Infrastructure Using These Packages?
EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-12616.