5 Total advisories
5 Vulnerabilities
0 Malware
Vulnerabilities
UNKNOWN
CVE-2026-49852
joserfc: HS256/HS384/HS512 verify accepts empty/nil HMAC key (cross-language sibling of CVE-2026-45363)
UNKNOWN
CVE-2025-65015
joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads
MEDIUM 5.3
CVE-2026-48990
joserfc: b64=false RFC7797 JWS payloads bypass JWSRegistry payload-size limits during deserialization
UNKNOWN
CVE-2025-65015
joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads
HIGH 7.5
CVE-2026-27932
joserfc's PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)
Ready to move
Start Securing
Free, no credit card | First findings in minutes