Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Cvelist
Cvelistadded 2026/03/20 10:37 p.m.19 views

CVE-2026-33204 SimpleJWT has an Unauthenticated Denial of Service via JWE header tampering

SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt on attacker-controlled JWEs using PBES2 algorithms are...

7.5CVSS0.00481EPSS
Exploits1References2
CNNVD
CNNVDadded 2026/03/20 12:0 a.m.4 views

SimpleJWT 资源管理错误漏洞

SimpleJWT is a JSON Web Token library written in PHP by Kelvin Mo as a personal project. Versions of SimpleJWT prior to 1.1.1 contained a resource management vulnerability. This vulnerability arises from the use of the PBES2 algorithm, allowing unauthenticated attackers to perform denial-of-servi...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2024/03/19 3:37 a.m.6 views

SUSE CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6.7AI score0.00804EPSS
Exploits3References3
Rows per page
Query Builder