CVE-2025-1293 | HashiCorp Hermes up to 0.4.x JWT weak authentication

A vulnerability has been found in HashiCorp Hermes up to 0.4.x and classified as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to weak authentication.

This vulnerability was named CVE-2025-1293. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More