VYPR

Simplejwt

by Kelvinmo

Source repositories

CVEs (1)

  • CVE-2026-33204HigMar 20, 2026
    risk 0.42cvss 7.5epss 0.00

    SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used. Applications that call JWE::decrypt() on attacker-controlled JWEs using PBES2…