1. Critical JWT Forgery Vulnerability in SOFortress CoPilot Allows Admin Token Impersonation
A critical authentication bypass vulnerability has been exposed in SOFortress CoPilot, stemming from the use of a publicly known secret for signing JSON Web Tokens (JWTs). The flaw, catalogued as CVE-2026-42869, enables attackers to forge admin-scoped JWTs and potentially gain full control over the affected security op...