Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2026/01/16 11:16 a.m.6 views

CVE-2025-59870

HCL MyXalytics is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk...

9.8CVSS5.8AI score0.00236EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 7:30 a.m.7 views

CVE-2024-48952

An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate tokens that allow access to SOAR API endpoints without authentication. This static key vulnerability enables attackers to create custom JWT secret keys for unauthorized access to these endpoints...

6.4CVSS6.9AI score0.00271EPSS
Exploits0References1
CVE
CVEadded 2024/11/07 12:0 a.m.76 views

CVE-2024-48952

CVE-2024-48952 affects Logpoint prior to 7.5.0. The issue arises from SOAR using a static JWT secret key to generate tokens, which can allow attackers to access SOAR API endpoints without authentication. This enables creation of custom JWT secret keys for unauthorized access. The Red Hat and PT S...

6.4CVSS7.1AI score0.00271EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder