lollms fixes weak JWT signing key enabling admin token forgery
TL;DR — A weak JWT signing secret in parisneo/lollms enables offline key cracking and forged administrative JWTs, turning any exposed session-authenticated endpoint into a potential admin-impersonation path.
What happened
parisneo/lollms (LoLLMS) is a self-hosted platform for running and managing LLM-driven applications and endpoints. CVE-2026-1114 describes a Critical session-management failure where the application uses a weak secret key for signing JSON Web Tokens (JWTs).
Per the CVE record, an attacker can brute-force the JWT signing secret offline and then forge administrative tokens by modifying the JWT payload and re-signing with the recovered secret, enabling privilege escalation and access to restricted endpoints. The attack is cheap because a symmetrically signed (HMAC) JWT can be checked against a candidate secret with nothing but the token itself: one captured token is enough, guessing runs at the attacker's hash rate, and the server sees no failed attempts.
| Item | Source value |
|---|---|
| Affected product | parisneo/lollms |
| Affected versions | < 2.2.0 |
| Severity | CVSS v3.0 9.8 (Critical) |
| CVSS vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Fix status | "resolved in version 2.2.0" |
This is a high-impact, high-prevalence failure mode for platform teams because JWTs often gate every privileged API path; once the signing secret is recoverable, authorization becomes a client-controlled artifact, not a server-enforced control.
Who is impacted
- Deployments running `parisneo/lollms` versions reported as affected in the CVE record (< 2.2.0).
- Instances that expose `lollms` to untrusted networks (as implied by `AV:N`) or where untrusted users can obtain any form of access that yields JWTs for offline analysis.
- Environments where the JWT signing secret is reused across deployments (e.g., cloned images or shared `.env` patterns), increasing cross-environment blast radius if one instance is cracked.
What to do now
- Follow vendor remediation guidance and apply the latest patched release available at the time of writing.
"The issue is resolved in version 2.2.0."
- Inventory where `parisneo/lollms` is deployed (containers, VM images, and GitOps pins) and prioritize any internet-exposed instances.
- Treat this as a potential auth-material compromise scenario:
  - rotate/replace the JWT signing secret(s) used by the service with a freshly generated high-entropy value (a static or reused value defeats the upgrade)
  - invalidate existing sessions/tokens where operationally feasible; for stateless JWTs, rotating the signing secret is what invalidates every previously issued token, forged or legitimate, so plan for users to re-authenticate
  - review logs for unexpected use of admin-only endpoints and suspicious token lifetimes/claims
- If you run `lollms` behind a gateway, ensure the service is not reachable directly (reduce bypass paths) while rollout and key rotation are in progress.
Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly; send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.
