jwt-2.10.3
v2.10.3 (2026-05-22)
Fixes and enhancements:
- Backport: Reject
niland empty HMAC keys when signing and verifying (CVE-2026-45363 / GHSA-c32j-vqhx-rx3x) #725 (@royzwambag)
Fixes and enhancements:
nil and empty HMAC keys when signing and verifying (CVE-2026-45363 / GHSA-c32j-vqhx-rx3x) #725 (@royzwambag)