EUVD-2025-20137

Malicious code in bioql PyPI...

CVE-2025-7079

A vulnerability, which was classified as problematic, has been found in mao888 bluebell-plus up to 2.3.0. This issue affects some unknown processing of the file bluebellbackend/pkg/jwt/jwt.go of the component JWT Token Handler. The manipulation of the argument mySecret with the input bluebell-plu...

CVE-2025-7079

A vulnerability, which was classified as problematic, has been found in mao888 bluebell-plus up to 2.3.0. This issue affects some unknown processing of the file bluebellbackend/pkg/jwt/jwt.go of the component JWT Token Handler. The manipulation of the argument mySecret with the input bluebell-plu...

CVE-2025-7079

A vulnerability, which was classified as problematic, has been found in mao888 bluebell-plus up to 2.3.0. This issue affects some unknown processing of the file bluebellbackend/pkg/jwt/jwt.go of the component JWT Token Handler. The manipulation of the argument mySecret with the input bluebell-plu...

CVE-2025-7079 mao888 bluebell-plus JWT Token jwt.go hard-coded password

A vulnerability, which was classified as problematic, has been found in mao888 bluebell-plus up to 2.3.0. This issue affects some unknown processing of the file bluebellbackend/pkg/jwt/jwt.go of the component JWT Token Handler. The manipulation of the argument mySecret with the input bluebell-plu...

PT-2025-28072 · Unknown · Mao888 Bluebell-Plus

Name of the Vulnerable Software and Affected Versions: mao888 bluebell-plus versions up to 2.3.0 Description: A problematic vulnerability has been found in the JWT Token Handler component, affecting the processing of the file bluebell backend/pkg/jwt/jwt.go. The issue involves the manipulation of...

bluebell-plus 安全漏洞

bluebell-plus is a blog forum web project by ChaoHu personal developer. A security vulnerability exists in bluebell-plus version 2.3.0 and earlier, which stems from the use of a hard-coded password for the parameter mySecret in the bluebellbackend/pkg/jwt/jwt.go file...