CVE-2025-4658 – OpenPubkey/OPKSSH JWS Signature Verification Bypass

May 13, 2025

CVE ID : CVE-2025-4658

Published : May 13, 2025, 5:16 p.m. | 1 hour, 48 minutes ago

Description : Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and would allow an attacker to bypass OPKSSH authentication.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-31358 – AMD Manageability API DLL Hijacking Privilege Escalation Vulnerability

Next Article CVE-2025-47280 – Umbraco Forms Email Injection Vulnerability

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-4658 – OpenPubkey/OPKSSH JWS Signature Verification Bypass

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

How to Create an AI-Powered Bot that Can Post on Twitter/X

CVE-2025-4755 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

CVE-2024-11922 – Fortra GoAnywhere Email Injection Vulnerability

CVE-2025-52827 – UXPER Nuss Untrusted Data Deserialization Object Injection

Introducing My Second Project: Cross-Cultural Name Solutions

CVE-2025-46729 – Julmud/phpDVDProfiler Cross-Site Scripting Vulnerability

Rilasciato Kitty 0.42: Terminale Accelerato da GPU con Accesso Rapido in Stile Quake

CVE-2025-48934 – Deno Deny Env Variable Information Disclosure

CVE-2025-4658 – OpenPubkey/OPKSSH JWS Signature Verification Bypass

Related Posts