CVE-2025-53826
Published 2025-07-15
Priority P3 · 54 · critical 9.8 (CVSS 3.1)
CVSS 3.1 vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.50% (38.9th percentile)
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of the time of publication, no known patches exist.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| filebrowser | filebrowser | — | — |
| filebrowser | filebrowser | — | — |
| github.com | filebrowser_filebrowser | 0 – 2.39.0 | — |
| github.com | filebrowser_filebrowser_v2 | 0 – 2.39.0 | — |
CVSS provenance
NVD · CVSS v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD · CVSS v4.0 · 7.7 HIGH · CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
OSV
File Browser’s insecure JWT handling can lead to session replay attacks after logout in github.com/filebrowser/filebrowser
osv·2025-07-28
CVE-2025-53826 File Browser’s insecure JWT handling can lead to session replay attacks after logout in github.com/filebrowser/filebrowser
OSV
File Browser’s insecure JWT handling can lead to session replay attacks after logout
osv·2025-07-16
CVE-2025-53826 [HIGH] File Browser’s insecure JWT handling can lead to session replay attacks after logout
### Summary
File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. Please refer to the CWEs listed in this report for further reference and system standards. In summary, the main issue is:
- Tokens remain valid after logout (session replay attacks)
In this report, I used Docker as the documentation instructs:
```
docker run \
-v filebrowser_data:/srv \
-v filebrowser_database:/database \
-v filebrowser_config:/config \
-p 8080:80 \
filebrowser/filebrowser
```
### Details
**Issue: Tokens remain valid after logout (session replay attacks)**
After logging in and receiving a JWT token, the user can explicitly "log out." However, this action doe
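The behaviour the advisory describes, a signed token that keeps working after logout because verification is purely stateless, and the server-side fix a defender would apply, side by side. This is an added Go example, not File Browser's code: it uses only the standard library, a constructed signing key and fixed clock, and a hypothetical in-memory revocation store keyed by the token's jti claim. ParseStateless reproduces the pre-fix check (signature and exp only); ParseRevocable adds the lookup that makes a logout actually end the session, and a short ttl bounds the replay window in either case.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
	"time"
)

// Constructed signing key for this example only; File Browser configures its own.
var signingKey = []byte("constructed-example-key-not-a-real-secret")

// Claims is the minimal payload: subject, unique token id (jti) and expiry (unix seconds).
type Claims struct {
	Sub string `json:"sub"`
	Jti string `json:"jti"`
	Exp int64  `json:"exp"`
}

// RevocationStore is a hypothetical denylist of logged-out token ids, jti -> exp. Entries are
// useless after their exp and can be swept; a real deployment would lock or share the map.
type RevocationStore map[string]int64

// IsRevoked is true when jti was logged out and its token has not yet expired on its own.
func (s RevocationStore) IsRevoked(jti string, now int64) bool { return s[jti] > now }

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

func sign(signingInput string) string {
	mac := hmac.New(sha256.New, signingKey)
	mac.Write([]byte(signingInput))
	return b64(mac.Sum(nil))
}

// Issue mints an HS256 token; a short ttl bounds the replay window even if revocation fails.
func Issue(sub, jti string, now time.Time, ttl time.Duration) string {
	payload, _ := json.Marshal(Claims{Sub: sub, Jti: jti, Exp: now.Add(ttl).Unix()}) // cannot fail for this struct
	signingInput := b64([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64(payload)
	return signingInput + "." + sign(signingInput)
}

// ParseStateless checks signature and expiry only: the pre-fix behaviour, where nothing
// server-side can notice that the user logged out, so the token replays until exp.
func ParseStateless(token string, now time.Time) (*Claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	if !hmac.Equal([]byte(sign(parts[0]+"."+parts[1])), []byte(parts[2])) {
		return nil, errors.New("bad signature")
	}
	var c Claims
	raw, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err == nil {
		err = json.Unmarshal(raw, &c)
	}
	if err != nil {
		return nil, err
	}
	if now.Unix() >= c.Exp {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

// ParseRevocable adds the server-side lookup that makes logout actually end the session.
func ParseRevocable(token string, now time.Time, store RevocationStore) (*Claims, error) {
	c, err := ParseStateless(token, now)
	if err != nil {
		return nil, err
	}
	if c.Jti == "" || store.IsRevoked(c.Jti, now.Unix()) {
		return nil, errors.New("token revoked at logout (or has no jti to revoke)")
	}
	return c, nil
}

// Logout records the presented token's jti until its exp. A logout that only clears the
// client's copy and skips this step leaves the token usable, which is the reported issue.
func Logout(token string, now time.Time, store RevocationStore) error {
	c, err := ParseStateless(token, now)
	if err != nil {
		return err
	}
	store[c.Jti] = c.Exp
	return nil
}

// Demo issues a token, logs it out, then replays it a minute later against both verifiers.
func Demo() (statelessAccepts, revocableAccepts bool) {
	now, store := time.Unix(1_752_537_600, 0), RevocationStore{} // constructed clock: 2025-07-15T00:00:00Z
	tok := Issue("admin", "session-0001", now, 15*time.Minute)
	if err := Logout(tok, now, store); err != nil {
		panic(err) // cannot happen: the token was just issued under this clock
	}
	_, e1 := ParseStateless(tok, now.Add(time.Minute))
	_, e2 := ParseRevocable(tok, now.Add(time.Minute), store)
	return e1 == nil, e2 == nil
}
```

Demo returns (true, false): the stateless verifier still honours the token after logout, the revocable one does not. Two points follow for anyone hardening a similar deployment: every token needs a jti (a token without one cannot be revoked, so the hardened verifier rejects it), and a presented-but-revoked jti is worth logging, since a legitimate client that has logged out never sends it again and its appearance is a direct replay signal.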
GHSA
File Browser’s insecure JWT handling can lead to session replay attacks after logout
ghsa·2025-07-16
CVE-2025-53826 [HIGH] CWE-305 File Browser’s insecure JWT handling can lead to session replay attacks after logout
File Browser’s insecure JWT handling can lead to session replay attacks after logout
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.