github auth0/auth0.js v10.0.0
on GitHub

2 hours ago

This fixes the release failure (#1631).
Fixed

  • Security fix: Resolve CVE-2026-42280

Breaking change

Affected Details
Apps using RS256 No breaking change
Apps using HS256 parseHash() now returns an invalid_token error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → RS256
Check out latest releases or
releases around auth0/auth0.js v10.0.0

Don't miss a new auth0.js release

NewReleases is sending notifications on new releases.

Get notifications