Kavita Improper Token Validation Vulnerability Allowing Pre-Authentication Account Takeover

Vulnerability

Kavita reading server versions prior to 0.9.0.2 contain a critical vulnerability: a remote, unauthenticated attacker who knows a username can request a JSON Web Token (JWT) for that account, including administrator accounts. The root cause is improper token validation: the server issues a valid JWT without verifying that the requester is entitled to act as the named user, so knowledge of a username alone is sufficient to obtain a session token for it.

Impact

Exploitation results in pre-authentication account takeover. An attacker who obtains a JWT for a target user can act as that user without ever supplying a password, and a JWT for an administrator account yields administrative access to the server.

Remediation

Update to Kavita version 0.9.0.2 or later, where this vulnerability is fixed. Upgrading alone does not revoke JWTs that were already issued through the flaw before the fix was applied; where the deployment allows it, rotate the token signing secret or otherwise invalidate existing sessions after upgrading, and review access logs for token requests made against accounts that did not initiate them.
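The flaw class described above (a JWT handed out for a caller-supplied username without the presented token being validated) and the version check implied by the remediation note, as an added example that is not Kavita's code. The vulnerable_refresh and hardened_refresh handlers, the hand-rolled HS256 helpers, the SERVER_KEY secret and the dotted version-string format accepted by is_fixed_version are all hypothetical assumptions constructed to illustrate the mechanism, not taken from the project:

```python
"""Added illustration (not Kavita's code): a token-refresh handler that issues a JWT
for a caller-supplied username without validating the presented token, beside a
hardened version, plus a check against the fixed version 0.9.0.2."""
import base64
import hashlib
import hmac
import json
import time

SERVER_KEY = b"example-server-signing-key"   # constructed secret for the demo only
TOKEN_LIFETIME = 3600                        # seconds; assumed value, not Kavita's
FIXED_VERSION = (0, 9, 0, 2)                 # first fixed release per the advisory


def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_jwt(claims, key):
    """Mint an HS256 JWT: base64url(header).base64url(payload).base64url(hmac)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def verify_jwt(token, key, now=None):
    """Return the claims only if the HMAC matches and the token is unexpired; else None."""
    try:
        header, payload, sig = token.split(".")
        expected = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig)):
            return None
        claims = json.loads(_b64url_decode(payload))
    except ValueError:          # wrong segment count, bad base64, bad UTF-8 or bad JSON
        return None
    now = time.time() if now is None else now
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None
    return claims


def issue_token_for(username, now=None):
    """Server-side minting of a session JWT for an account."""
    now = time.time() if now is None else now
    return make_jwt({"sub": username, "iat": int(now), "exp": int(now) + TOKEN_LIFETIME}, SERVER_KEY)


def vulnerable_refresh(username, presented_token):
    """Hypothetical flawed handler: it only checks that the presented token *parses*.
    The signature is never verified and the subject comes from the request, so anyone
    who knows a username obtains a freshly signed token for that account."""
    try:
        _header, payload, _sig = presented_token.split(".")
        json.loads(_b64url_decode(payload))
    except ValueError:
        return None
    return issue_token_for(username)


def hardened_refresh(presented_token, now=None):
    """Hardened handler: verify the signature first, then take the subject from the
    verified claims rather than from anything the client supplied."""
    claims = verify_jwt(presented_token, SERVER_KEY, now)
    if claims is None or not isinstance(claims.get("sub"), str):
        return None
    return issue_token_for(claims["sub"], now)


def attacker_forged_token(target):
    """What an unauthenticated attacker can build: a well-formed JWT signed with a guess."""
    return make_jwt({"sub": target, "exp": int(time.time()) + 10**6}, b"attacker-guess")


def is_fixed_version(version):
    """True if a dotted version string (assumed form '0.9.0.2', optional leading 'v')
    is at or above the fixed release 0.9.0.2. A shorter prefix such as '0.9' compares
    as older, which errs on the side of reporting the install as unpatched."""
    parts = tuple(int(p) for p in version.strip().lstrip("vV").split("."))
    return parts >= FIXED_VERSION


if __name__ == "__main__":
    forged = attacker_forged_token("admin")
    stolen = vulnerable_refresh("admin", forged)
    print("forged token verifies under server key:", verify_jwt(forged, SERVER_KEY) is not None)
    print("vulnerable handler issued admin token:", verify_jwt(stolen, SERVER_KEY))
    print("hardened handler result for forged token:", hardened_refresh(forged))
    print("0.8.6.2 fixed?", is_fixed_version("0.8.6.2"), "| 0.9.0.2 fixed?", is_fixed_version("0.9.0.2"))
```

The decisive difference between the two handlers is where the subject comes from: the hardened version never reads the account name from the request, only from claims that survived a constant-time signature check and an expiry check, so a token the attacker signed with a guessed key is rejected before any new token is minted.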

Added: May 26, 2026, 10:33 PM
Updated: May 26, 2026, 10:33 PM

Vulnerability Rating (Custom Algorithm)

  spread          3.1
  impact          5.0
  exploitability  7.0
  remediation     7.7
  relevance       9.6
  threat          0.0
  urgency         2.9
  incentive       4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.