jwt-pwn_A42B1D8C-B662-591E-8A76-649839FB8250

9.8 / 10

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

jwt-pwn A zero-dependency Python 3 toolkit for discovering and exploiting JWT vulnerabilities during web application penetration tests. For authorized security testing only. Only use against systems you own or have explicit written authorization to...

Visit Original Source

Basic Information

ID A42B1D8C-B662-591E-8A76-649839FB8250

Published May 22, 2026 at 16:17

Modified May 22, 2026 at 18:18

{
    "lastseen": "2026-05-22T18:19:40",
    "description": "jwt-pwn A zero-dependency Python 3 toolkit for discovering and exploiting JWT vulnerabilities during web application penetration tests. For authorized security testing only. Only use against systems you own or have explicit written authorization to...",
    "published": "2026-05-22T16:17:20",
    "modified": "2026-05-22T18:18:21",
    "type": "githubexploit",
    "title": "jwt-pwn",
    "source": "",
    "references": "",
    "id": "A42B1D8C-B662-591E-8A76-649839FB8250",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2015-9235"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
        }
    },
    "href": "https://github.com/G4MEOVER18/jwt-pwn",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply