CVE-2025-53960 Blast Radius

MEDIUM • CVSS 5.9When issuing JSON Web Tokens (JWT), Apache StreamPark directly uses the user's password as the HMAC signing key (e.g., with the HS256 algorithm). An a…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-53960.

Start Free Scan →← Back to CVE-2025-53960