CVE-2025-4576701.08.2025, 15:15jose v6.0.10 was discovered to contain weak encryption.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST7 HIGHNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:HmitreCNA------CISA-ADPADP7 HIGHNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:HAwaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: UnknownCommon Weakness EnumerationCWE-327 - Use of a Broken or Risky Cryptographic AlgorithmThe use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.Referenceshttps://gist.github.com/ZupeiNie/705a606fbb99f3bb8c9b51e5bc13c91dhttps://github.com/panvahttps://github.com/panva/jose