CVE-2025-14261

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack...

CVE-2025-14261

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack...

CVE-2025-14261 Lack of entropy allows registered low-privileged users of Litmus to crack valid JWT tokens and gain admin privileges

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack...

CVE-2025-14261

CVE-2025-14261 affects the Litmus platform where JWT signing uses a 6-byte secret. The root cause is extremely low entropy in the signing key, enabling brute-force access to valid tokens and potential elevation of privileges (e.g., registered users gaining admin capabilities) as described across ...

Security Bulletin: IBM Datapower Operations Dashboard could allow a remote attacker to cause a denial of service CVE-2025-53864

Summary Connect2id Nimbus JOSE + JWT is used by the IBM Datapower Operations Dashboard for Javascript Object Signing and Encryption Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause ...

PT-2025-49585

Name of the Vulnerable Software and Affected Versions Litmus Platform affected versions not specified Description The Litmus platform utilizes JWT for authentication and authorization; however, the JWT signing secret key is only 6 bytes in length, making it susceptible to cracking. This allows fo...

LitmusChaos 安全特征问题漏洞

LitmusChaos is a program open-sourced by Litmus Chaos that practices chaos engineering in a cloud-native manner. LitmusChaos suffers from a Security Feature Issue vulnerability that stems from a JWT signing key that is too short, which could lead to authentication bypass...

Target Cipher Inventory

This plugin collects cryptographic ciphers and algorithms discovered during the scan as a machine parsable JSON file attachment. TRUSTED...

EUVD-2025-201594

A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAMEFILE/OPERATEFILE/NGNIXUPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-14184

A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAMEFILE/OPERATEFILE/NGNIXUPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-14184 SGAI Space1 NAS N1211DS gsaiagent JSONAPI NGNIX_UPLOAD command injection

A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAMEFILE/OPERATEFILE/NGNIXUPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-14183 SGAI Space1 NAS N1211DS gsaiagent JSONAPI GET_USER_INFO credentials storage

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GETFACTORYINFO/GETUSERINFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit...

PT-2025-49394

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET FACTORY INFO/GET USER INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The...

CVE-2025-34256

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a hard-coded cryptographic key vulnerability. The product uses a static HS512 HMAC secret for signing EIRMMToken JWTs across all installations. The server accepts forged JWTs that need only contain a valid email claim, allowing a remote...

BIT-MONGODB-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

BIT-ENVOY-2025-64527 Envoy crashes when JWT authentication is configured with the remote JWKS fetching

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy crashes when JWT authentication is configured with the remote JWKS fetching, allowmissingorfailed is enabled, multiple JWT tokens are present in the request headers and the JWKS fetch...

CVE-2025-12577 Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing Update

The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/listar/v1/place/save' REST API endpoint in all versions up to, and including, 3.0.0. This makes it possible for...

CSV Injection

Overview json-2-csv is an A JSON to CSV and CSV to JSON converter that natively supports sub-documents and auto-generates the CSV heading. Affected versions of this package are vulnerable to CSV Injection via the preventCsvInjection option which can be bypassed. An attacker can inject formulas in...

CSV Injection

Overview org.webjars.npm:json-2-csv is an A JSON to CSV and CSV to JSON converter that natively supports sub-documents and auto-generates the CSV heading. Affected versions of this package are vulnerable to CSV Injection via the preventCsvInjection option which can be bypassed. An attacker can...

EUVD-2025-201100

Envoy crashes when JWT authentication is configured with the remote JWKS fetching...