CVE-2025-1293 HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass

Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes…Read More