Centrifugo: SSRF via unverified JWT claims interpolated into dynamic JWKS endpoint URL
Critical severity
GitHub Reviewed
Published
Mar 12, 2026
in
centrifugal/centrifugo
•
Updated Mar 27, 2026
Give feedback on Dependabot alerts