{"vulnerability": "CVE-2025-3014", "sightings": [
{"uuid": "5801d89e-c317-4626-ae22-ed3018f0d5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30145", "type": "published-proof-of-concept", "source": "Telegram/Cx1-p36APBve2ZXOx6JZQ1ihep0qwdXJ_nQmLSJI9jXODK8", "content": "", "creation_timestamp": "2025-06-10T16:01:27.000000Z"},
{"uuid": "c062ea7f-93ab-4daf-a098-97cd946e7033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30149", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9696", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30149\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting (XSS) in the AJAX Script interface\\super\\layout_listitems_ajax.php via the target parameter. This vulnerability is fixed in 7.0.3.\n\ud83d\udccf Published: 2025-03-31T16:07:11.417Z\n\ud83d\udccf Modified: 2025-03-31T16:07:11.417Z\n\ud83d\udd17 References:\n1. https://github.com/openemr/openemr/security/advisories/GHSA-fwfv-8583-6rr7\n2. https://github.com/openemr/openemr/commit/6cb70595f65decfbdd03e70b49acc414e03744b8", "creation_timestamp": "2025-03-31T16:33:20.000000Z"},
{"uuid": "a4be5f76-e30c-4e74-8e91-cf568cdad7a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30148", "type": "seen", "source": "https://t.me/cvedetector/22666", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30148 - Silverstripe Framework JavaScript Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30148 \nPublished : April 10, 2025, 1:15 p.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. Prior to 5.3.23, bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitized on the client-side, but server-side sanitization doesn't catch it. The server-side sanitization logic has been updated to sanitize against this attack. This vulnerability is fixed in 5.3.23. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T17:52:18.000000Z"},
{"uuid": "8bd6ecd9-4f96-49a7-9b05-88dc4bc7f4b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30140", "type": "seen", "source": "https://t.me/cvedetector/20609", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30140 - G-Net Dashcam BB GONX Domain Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30140 \nPublished : March 18, 2025, 9:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : An issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the Internal Domain Name. It uses an unregistered public domain name as an internal domain, creating a security risk. This domain was not owned by GNET originally, allowing an attacker to register it and potentially intercept sensitive device traffic (it has since been registered by the vulnerability discoverer). If the dashcam or related services attempt to resolve this domain over the public Internet instead of locally, it could lead to data exfiltration or man-in-the-middle attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T00:26:14.000000Z"},
{"uuid": "6f6722af-b50b-4a00-a993-74a7ae3dd029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30142", "type": "seen", "source": "https://t.me/cvedetector/20599", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30142 - G-Net Dashcam BB GONX MAC Spoofing Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-30142 \nPublished : March 18, 2025, 8:15 p.m. | 23\u00a0minutes ago \nDescription : An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T21:55:29.000000Z"},
{"uuid": "a9c9fa52-b3c3-45fa-a011-491ef836ed0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30141", "type": "seen", "source": "https://t.me/cvedetector/20598", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30141 - G-Net Dashcam BB GONX Information Exposure and Video Stream Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30141 \nPublished : March 18, 2025, 8:15 p.m. | 23\u00a0minutes ago \nDescription : An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream. It exposes API endpoints on ports 9091 and 9092 that allow remote access to recorded and live video feeds. An attacker who connects to the dashcam's network can retrieve all stored recordings and convert them from JDR format to MP4. Additionally, port 9092's RTSP stream can be accessed remotely, allowing real-time video feeds to be extracted without the owner's knowledge. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T21:55:28.000000Z"},
{"uuid": "5ee5d777-ec57-42d5-9019-3edbec0ae6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30143", "type": "seen", "source": "https://t.me/cvedetector/20497", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30143 - Akamai App &amp; API Protector JavaScript Variable Assignment Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30143 \nPublished : March 17, 2025, 4:15 p.m. | 1\u00a0hour, 41\u00a0minutes ago \nDescription : Rule 3000216 (before version 2) in Akamai App &amp; API Protector (with Akamai ASE) before 2024-12-10 does not properly consider JavaScript variable assignment to built-in functions and properties. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T19:08:48.000000Z"},
{"uuid": "4efc5a20-7314-48e3-a6d7-12d9a9191f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3014", "type": "seen", "source": "Telegram/DCVbRdT_qFrZ0rXrPZ-NREmPhb85qceJxgEhmh0x1cJAtg8", "content": "", "creation_timestamp": "2025-03-31T06:00:41.000000Z"},
{"uuid": "c41b8fc6-a545-4b2b-9ede-24d0f48f1534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30140", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkovvj2k2g2w", "content": "", "creation_timestamp": "2025-03-19T00:18:47.181161Z"},
{"uuid": "2d86513f-120f-4368-9717-7337712c471e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30144", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtncueff2h", "content": "", "creation_timestamp": "2025-03-19T18:43:51.459809Z"},
{"uuid": "638a72ae-d75c-46dc-858f-882f8ee89917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30148", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhta5g52m2q", "content": "", "creation_timestamp": "2025-04-10T15:32:56.289476Z"},
{"uuid": "ece822c1-f359-4d18-a5a7-37ae4e9661c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3014", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:57.000000Z"},
{"uuid": "99a70596-c9d4-4857-bd6d-05ac724d2b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3014", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"},
{"uuid": "1a39f87a-201b-4064-ba6d-245968de54a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30144", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"},
{"uuid": "67ed2127-246d-40ce-b988-18a5a5539199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30147", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30147\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128_ADD (0x06), ALTBN128_MUL (0x07), and ALTBN128_PAIRING (0x08). These precompiles were reimplemented in besu-native using gnark-crypto's bn254 implementation, as the former implementation used a library which was no longer maintained and not sufficiently performant. The new gnark implementation was initially added in version 0.9.0 of besu-native but was not utilized by Besu until version 0.9.2 in Besu 24.7.1. The issue is that there are EC points which may be crafted which are in the correct subgroup but are not on the curve and the besu-native gnark implementation was relying on subgroup checks to perform point-on-curve checks as well. The version of gnark-crypto used at the time did not do this check when performing subgroup checks. The result is that it was possible for Besu to give an incorrect result and fall out of consensus when executing one of these precompiles against a specially crafted input point. Additionally, homogenous Besu-only networks can potentially enshrine invalid state which would be incorrect and difficult to process with patched versions of besu which handle these calls correctly. The underlying defect has been patched in besu-native release 1.3.0. The fixed version of Besu is version 25.3.0. As a workaround for versions of Besu with the problem, the native precompile for altbn128 may be disabled in favor of the pure-java implementation. The pure java implementation is significantly slower, but does not have this consensus issue.\n\ud83d\udccf Published: 2025-05-07T18:27:41.736Z\n\ud83d\udccf Modified: 2025-05-07T18:27:41.736Z\n\ud83d\udd17 References:\n1. https://github.com/hyperledger/besu-native/security/advisories/GHSA-jcp8-gh74-97hq\n2. https://github.com/hyperledger/besu/blob/main/besu/src/main/java/org/hyperledger/besu/cli/options/NativeLibraryOptions.java#L31-L38", "creation_timestamp": "2025-05-07T19:22:39.000000Z"},
{"uuid": "b3bdb5d4-fd46-44c0-b449-6d74978df574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30145", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17911", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30145\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: GeoServer is an open source server that allows users to share and edit geospatial data. Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service. This vulnerability is fixed in 2.27.0, 2.26.3, and 2.25.7. This vulnerability can be mitigated by disabling WMS dynamic styling and  the Jiffle process.\n\ud83d\udccf Published: 2025-06-10T14:58:48.408Z\n\ud83d\udccf Modified: 2025-06-10T15:16:31.100Z\n\ud83d\udd17 References:\n1. https://github.com/geoserver/geoserver/security/advisories/GHSA-gr67-pwcv-76gf\n2. https://github.com/geosolutions-it/jai-ext/pull/307\n3. https://osgeo-org.atlassian.net/browse/GEOS-11778", "creation_timestamp": "2025-06-10T15:31:13.000000Z"},
{"uuid": "614986f9-0c63-40cf-8653-d64d84c043a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3014", "type": "seen", "source": "https://t.me/cvedetector/21536", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3014 - NightWolf Penetration Testing Tracking IDOR\", \n  \"Content\": \"CVE ID : CVE-2025-3014 \nPublished : March 31, 2025, 4:15 a.m. | 27\u00a0minutes ago \nDescription : Insecure Direct Object References (IDOR) in access control in Tracking 2.1.4 on NightWolf Penetration Testing allows an attacker to access via manipulating request parameters or object references. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T07:28:37.000000Z"},
{"uuid": "0b70e308-b8ad-4ec9-818c-e3d3a2020eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30147", "type": "seen", "source": "https://t.me/cvedetector/24762", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30147 - Hyperledger Besu EC Point Crafting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30147 \nPublished : May 7, 2025, 7:16 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128_ADD (0x06), ALTBN128_MUL (0x07), and ALTBN128_PAIRING (0x08). These precompiles were reimplemented in besu-native using gnark-crypto's bn254 implementation, as the former implementation used a library which was no longer maintained and not sufficiently performant. The new gnark implementation was initially added in version 0.9.0 of besu-native but was not utilized by Besu until version 0.9.2 in Besu 24.7.1. The issue is that there are EC points which may be crafted which are in the correct subgroup but are not on the curve and the besu-native gnark implementation was relying on subgroup checks to perform point-on-curve checks as well. The version of gnark-crypto used at the time did not do this check when performing subgroup checks. The result is that it was possible for Besu to give an incorrect result and fall out of consensus when executing one of these precompiles against a specially crafted input point. Additionally, homogenous Besu-only networks can potentially enshrine invalid state which would be incorrect and difficult to process with patched versions of besu which handle these calls correctly. The underlying defect has been patched in besu-native release 1.3.0. The fixed version of Besu is version 25.3.0. As a workaround for versions of Besu with the problem, the native precompile for altbn128 may be disabled in favor of the pure-java implementation. The pure java implementation is significantly slower, but does not have this consensus issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T23:12:23.000000Z"},
{"uuid": "4ecce3ce-ff77-4e5a-9f32-7e2a20edd7dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30147", "type": "seen", "source": "https://bsky.app/profile/earlybirdsinvest.bsky.social/post/3lopohb374d24", "content": "", "creation_timestamp": "2025-05-09T05:18:58.847140Z"},
{"uuid": "eeffaa4e-b183-48fb-a6bd-d15fcaaa2777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30144", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:27.000000Z"},
{"uuid": "d6c6dbb2-08b2-4b37-a599-70998ff18cdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30143", "type": "published-proof-of-concept", "source": "Telegram/LNPMNDynQXCIsbkCl_9fjvEZCatVya5RS81gonm9JdgHk3n0", "content": "", "creation_timestamp": "2026-02-09T16:21:55.000000Z"},
{"uuid": "49d9df8d-6ee7-47a5-8aac-23c12db55789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30149", "type": "seen", "source": "https://t.me/cvedetector/21615", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30149 - OpenEMR Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-30149 \nPublished : March 31, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting (XSS) in the AJAX Script interface\\super\\layout_listitems_ajax.php via the target parameter. This vulnerability is fixed in 7.0.3. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:19.000000Z"},
{"uuid": "b559ff5e-2aa6-4332-8aa0-35d78002a85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30144", "type": "seen", "source": "https://t.me/cvedetector/20642", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30144 - Fast-JWT Iss Claim Array Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30144 \nPublished : March 19, 2025, 4:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to 5.0.6, the fast-jwt library does not properly validate the iss claim based on the RFC 7519. The iss (issuer) claim validation within the fast-jwt library permits an array of strings as a valid iss value. This design flaw enables a potential attack where a malicious actor crafts a JWT with an iss claim structured as ['https://attacker-domain/', 'https://valid-iss']. Due to the permissive validation, the JWT will be deemed valid. Furthermore, if the application relies on external libraries like get-jwks that do not independently validate the iss claim, the attacker can leverage this vulnerability to forge a JWT that will be accepted by the victim application. Essentially, the attacker can insert their own domain into the iss array, alongside the legitimate issuer, and bypass the intended security checks. This issue is fixed in 5.0.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T18:49:15.000000Z"},
{"uuid": "93ac6b68-96cf-4222-b267-2ab12846959b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30147", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lomdjezslkp2", "content": "", "creation_timestamp": "2025-05-07T21:26:00.845049Z"},
{"uuid": "9bdc49cd-1822-4815-812f-8d8bc56fbc96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30147", "type": "seen", "source": "https://bsky.app/profile/10bmnews.bsky.social/post/3lomfr6slji2r", "content": "", "creation_timestamp": "2025-05-07T22:05:29.047386Z"},
{"uuid": "1e06f2dc-a97b-44f7-b281-187b0b83ec05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30147", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lomgxvhdbj2t", "content": "", "creation_timestamp": "2025-05-07T22:27:14.489176Z"}
]}