CVE-2025-4576831.07.2025, 21:15pyjwt v2.10.1 was discovered to contain weak encryption.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST7 HIGHNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:HmitreCNA------CISA-ADPADP7 HIGHNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:HAwaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: UnknownCommon Weakness EnumerationCWE-311 - Missing Encryption of Sensitive DataThe software does not encrypt sensitive or critical information before storage or transmission.Referenceshttps://gist.github.com/ZupeiNie/6f65e564f2067b876321d3dfdbb76569https://github.com/jpadillahttps://github.com/jpadilla/pyjwt