GenX_FX authentication bypass in JWT validation_CVE-2025-55306

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).

Basic Information

ID CVE-2025-55306

Source GitHub_M

Published Aug 19, 2025 at 18:19

Affected Product

Vendor Mouy-leng

Product GenX_FX

Version <= 1.0.0

Affected Versions Mouy-leng GenX_FX <= 1.0.0

CWE Classification

CWE-522

References

github.com /Mouy-leng/GenX_FX/security/advisories/GHSA-2xjq-pvwj-mvm6

{
    "lastseen": "",
    "description": "GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).",
    "published": "2025-08-19T18:19:15.839Z",
    "modified": "2025-08-19T18:19:15.839Z",
    "type": "cve",
    "title": "GenX_FX authentication bypass in JWT validation",
    "source": "GitHub_M",
    "references": "https://github.com/Mouy-leng/GenX_FX/security/advisories/GHSA-2xjq-pvwj-mvm6",
    "id": "CVE-2025-55306",
    "bulletinFamily": "",
    "cwe": [
        "CWE-522"
    ],
    "cvelist": null,
    "sourceData": "Mouy-leng GenX_FX <= 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GenX_FX",
    "version": "<= 1.0.0",
    "vendor": "Mouy-leng",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}