CVE-2026-42869: SOCFortress CoPilot allows unauthorized access to admin accounts
Summary
SOCFortress CoPilot, a security operations tool, shipped a fallback JWT signing secret that is publicly known. Any deployment that did not set its own JWT_SECRET signed every authentication token with that value, so an attacker could forge admin-level tokens without any credentials. The issue is fixed in version 0.1.57. To stay secure, update to the latest version of SOCFortress CoPilot and set an explicit JWT_SECRET.
Original title
SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value...
Original description
SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWT_SECRET is not explicitly set — including the default Docker Compose setup — signs all authentication tokens with this publicly known value. An unauthenticated attacker can forge arbitrary admin-scoped JWTs and gain full control of the application and every security tool it manages without any credentials. This vulnerability is fixed in 0.1.57.
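The weakness described above is a fallback secret in a configuration loader. The following is an added example, not CoPilot's own code: it shows the vulnerable loader pattern next to a hardened one that fails closed when JWT_SECRET is missing, matches a known placeholder, or is too short. The placeholder strings and the `env` dict argument are constructed for the example.

```python
"""Startup check for a JWT signing secret: fail closed instead of falling back."""
import os
import secrets

# Constructed placeholders standing in for values copied from a shipped .env.example.
# Anything published in a repository must be treated as compromised.
KNOWN_PLACEHOLDER_SECRETS = frozenset({"change-me", "replace-with-a-real-secret"})
MIN_SECRET_BYTES = 32  # an HS256 key should be at least as long as the HMAC output


class InsecureSecretError(RuntimeError):
    """Raised when the process would otherwise sign tokens with a guessable key."""


def load_jwt_secret_vulnerable(env: dict) -> str:
    # Vulnerable pattern (constructed, mirrors the advisory): a hardcoded fallback means
    # every deployment that forgets JWT_SECRET silently signs with a value anyone can read.
    return env.get("JWT_SECRET", "hardcoded-fallback-from-repo")


def load_jwt_secret(env: dict) -> str:
    """Hardened loader: no fallback, reject placeholders, require adequate length."""
    value = env.get("JWT_SECRET")
    if not value:
        raise InsecureSecretError("JWT_SECRET is not set; refusing to start")
    if value.strip().lower() in KNOWN_PLACEHOLDER_SECRETS:
        raise InsecureSecretError("JWT_SECRET is a placeholder; generate a real secret")
    if len(value.encode()) < MIN_SECRET_BYTES:
        raise InsecureSecretError(f"JWT_SECRET shorter than {MIN_SECRET_BYTES} bytes")
    return value


def secret_is_acceptable(env: dict) -> bool:
    """True if the hardened loader would accept this environment."""
    try:
        load_jwt_secret(env)
        return True
    except InsecureSecretError:
        return False


def generate_jwt_secret() -> str:
    # Operators can produce an acceptable value with this: 48 random bytes, URL-safe encoded.
    return secrets.token_urlsafe(48)


if __name__ == "__main__":
    try:
        load_jwt_secret(dict(os.environ))
        print("JWT_SECRET looks acceptable")
    except InsecureSecretError as exc:
        print(f"startup refused: {exc}")
```

Wiring the hardened loader into application startup (rather than at first token use) turns a silent misconfiguration into a visible deployment failure.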
NVD CVSS 3.1 base score: 10.0
Vulnerability types
CWE-287: Improper Authentication
CWE-522: Insufficiently Protected Credentials
CWE-798: Use of Hard-coded Credentials
Published: 11 May 2026 · Updated: 28 May 2026 · First seen: 11 May 2026