Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

mao888 bluebell-plus Hard-Coded JWT Secret Vulnerability Leading to Authorization Bypass

Vulnerability

A vulnerability exists in mao888 bluebell-plus versions through 2.3.0, where the JWT secret key is hard-coded in the source file bluebell_backend/pkg/jwt/jwt.go. This flaw allows attackers to forge valid JWT tokens, bypassing authentication and authorization mechanisms. The vulnerability can be exploited remotely, and while the exploitation is difficult, a public proof-of-concept exploit is available.
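The remediation pattern for this class of flaw, as an added example in Go that is not code from bluebell-plus: the signing key is read from the environment at start-up (the variable name BLUEBELL_JWT_SECRET is an assumption), the process fails closed when the key is missing or short, and tokens are verified with a constant-time HMAC comparison, so nothing recoverable from the repository can mint a valid token.

```go
package main
import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"log"
	"os"
	"strings"
)

const secretEnv = "BLUEBELL_JWT_SECRET" // assumed name; the key lives in the environment, not in jwt.go

// LoadJWTSecret reads the key via lookup (os.LookupEnv in production) and fails closed on a missing or short value.
func LoadJWTSecret(lookup func(string) (string, bool)) ([]byte, error) {
	v, ok := lookup(secretEnv)
	if !ok || len(v) < 32 { // HS256 wants at least 256 bits of key material; empty or default values stop here
		return nil, errors.New(secretEnv + " is unset or shorter than 32 bytes")
	}
	return []byte(v), nil
}

// SignHS256 returns a compact JWT (header.payload.signature) over the JSON claims.
func SignHS256(secret []byte, claimsJSON string) string {
	enc := base64.RawURLEncoding
	signing := enc.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + enc.EncodeToString([]byte(claimsJSON))
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(signing))
	return signing + "." + enc.EncodeToString(mac.Sum(nil))
}

// VerifyHS256 recomputes the MAC under the server's key and compares in constant time; other keys or edited claims fail.
func VerifyHS256(secret []byte, token string) bool {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return false
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	return err == nil && hmac.Equal(sig, mac.Sum(nil))
}

func main() {
	secret, err := LoadJWTSecret(os.LookupEnv)
	if err != nil {
		log.Fatalln("refusing to start:", err) // never fall back to a built-in key
	}
	log.Println("round trip verifies:", VerifyHS256(secret, SignHS256(secret, `{"sub":"42"}`)))
}
```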

Impact

Exploitation of this vulnerability allows for authentication bypass, enabling unauthorized users to forge JWT tokens and gain access to functionalities such as creating posts or comments.

Added: Jul 6, 2025, 1:17 PM
Updated: Jul 6, 2025, 1:17 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 9.1
remediation: 0.0
relevance: 0.2
threat: 8.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.