CVE-2025-55306

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-55306
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-55306.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-55306
Aliases
  • GHSA-2xjq-pvwj-mvm6
Published
2025-08-19T18:19:15.839Z
Modified
2025-12-02T20:13:57.437475Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
GenX_FX authentication bypass in JWT validation
Details

GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/55xxx/CVE-2025-55306.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-522"
    ]
}
References

Affected packages

Git / github.com/mouy-leng/genx_fx

Affected ranges

Type
GIT
Repo
https://github.com/mouy-leng/genx_fx
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c0cfeaea739cddcdce2f61c5565f4e1f974316c9
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.0"
        }
    ]
}

Affected versions

v1.*

v1.0.0