CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-17816

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00326EPSS

Exploits0References2

RedhatCVE•added 2025/06/12 9:20 p.m.•6 views

CVE-2025-35940

The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL endpoints...

8.1CVSS8.1AI score0.00326EPSS

Exploits0References1

Cvelist•added 2025/06/10 8:27 p.m.•16 views

CVE-2025-35940 Hard-coded ArchiverSpaApi JWT Signing Key

8.1CVSS0.00326EPSS

Exploits0References1

CVE•added 2025/06/10 8:27 p.m.•70 views

CVE-2025-35940

The CVE-2025-35940 entry concerns ArchiverSpaApi (ASP.NET) that uses a hard-coded JWT signing key. The information across sources indicates an unauthenticated attacker can generate a verifiable JWT token to access protected ArchiverSpaApi endpoints (e.g., /api/v1/login, /users/{id}). The Red Hat ...

8.1CVSS8.1AI score0.00326EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 8:27 p.m.•5 views

CVE-2025-35940 Hard-coded ArchiverSpaApi JWT Signing Key

8.1CVSS7.3AI score0.00326EPSS

Exploits0References1

Positive Technologies•added 2025/06/10 12:0 a.m.•3 views

PT-2025-24933 · Unknown · Archiverspaapi

Name of the Vulnerable Software and Affected Versions: ArchiverSpaApi affected versions not specified Description: The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected...

8.1CVSS6.6AI score0.00326EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by