How to fix CVE-2025-49152?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Is JSON Web Tokens affected by CVE-2025-49152?

CVE-2025-49152 presents significant security risk rated CVSS 8.7. Successful exploitation could significantly impact the confidentiality, integrity, or availability of affected systems. Organizations should apply vendor updates when available and consider compensating controls in the interim.

JSON Web Tokens CVE-2025-49152

EUVD-2025-19121 HIGH

Insufficient Session Expiration (CWE-613)

2025-06-25 [email protected]

Information Disclosure

8.7

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 23:19 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 23:19 euvd

EUVD-2025-19121

CVE Published

Jun 25, 2025 - 17:15 nvd

HIGH 8.7

DescriptionNVD

The affected products contain JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to the system.

AnalysisAI

CVE-2025-49152 is a security vulnerability (CVSS 8.7) that allows an attacker. High severity vulnerability requiring prompt remediation.

Technical ContextAI

Vulnerability type not specified by vendor. CVSS 8.7 indicates high severity.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2025-49152 vulnerability details – vuln.today

Back