CVE-2025-55449
Published 2026-05-08
CVE-2025-55449: AstrBotDevs AstrBot 3.5.15 has Advanced_System_for_Text_Response_and_Bot_Operations_Tool as the hardcoded private key used to sign a JWT.
Priority: P3 · 40 · Severity: high · CVSS 3.1 base score: 7.3
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS: 0.28% (19.8th percentile)
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| astrbot | astrbot | — | — |
| astrbot | astrbot | >= 0 < 3.5.18 | 3.5.18 |
OSV advisory (2025-11-14): CVE-2025-55449 [CRITICAL]
AstrBot is vulnerable to RCE with hard-coded JWT signing keys
### Summary
AstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin.
### Details
AstrBot uses a [hard-coded JWT signing key](https://github.com/AstrBotDevs/AstrBot/blob/v3.5.16/astrbot/core/__init__.py), which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python plugin that will be imported [here](https://github.com/AstrBotDevs/AstrBot/blob/master/astrbot/dashboard/routes/plugin.py), enabling arbitrary command execution on the target host.
### Impact
All publicly accessible AstrBot instances are vulnerable.
For more information, please see: [CVE-2025-55449-AstrBot-RCE](https://github.com/Marven11/CVE-20
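As an added defensive check (not part of the advisory and not AstrBot's own code): a small Python audit that flags a configured JWT signing secret equal to the hard-coded value quoted above, or too short, and rotates it. The config key name `jwt_secret` and the sample config are assumptions, since the page does not give AstrBot's settings layout.

```python
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

# The hard-coded default quoted in the advisory text above (CVE-2025-55449).
KNOWN_DEFAULT_JWT_SECRET = "Advanced_System_for_Text_Response_and_Bot_Operations_Tool"
MIN_SECRET_BYTES = 32  # 256 bits, the usual floor for an HMAC-signed JWT key


def audit_jwt_secret(secret: Optional[str]) -> List[str]:
    """Return findings for a configured JWT signing secret; [] means it passes."""
    findings: List[str] = []
    if not secret:
        findings.append("jwt secret is unset or empty")
        return findings
    raw = secret.encode()
    # Constant-time compare so the check itself does not leak the secret's bytes.
    if hmac.compare_digest(raw, KNOWN_DEFAULT_JWT_SECRET.encode()):
        findings.append("matches the hard-coded default from CVE-2025-55449")
    if len(raw) < MIN_SECRET_BYTES:
        findings.append(f"only {len(raw)} bytes; at least {MIN_SECRET_BYTES} required")
    return findings


def generate_jwt_secret() -> str:
    """Fresh random secret; rotating it invalidates every token signed with the old one."""
    return secrets.token_urlsafe(48)


def remediate_config(config: Dict[str, str], key: str = "jwt_secret") -> Tuple[Dict[str, str], List[str]]:
    """Audit config[key] (hypothetical key name) and replace the value if it fails."""
    findings = audit_jwt_secret(config.get(key))
    fixed = dict(config)
    if findings:
        fixed[key] = generate_jwt_secret()
    return fixed, findings


if __name__ == "__main__":
    # Constructed sample config: an instance still running the shipped default.
    sample = {"jwt_secret": KNOWN_DEFAULT_JWT_SECRET}
    fixed, findings = remediate_config(sample)
    print("findings:", findings)
    print("rotated:", fixed["jwt_secret"] != sample["jwt_secret"])
```

Because the default value is long, only the equality check catches it; the length check exists so that a replacement is not itself a weak key.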
GHSA advisory (2025-11-14): CVE-2025-55449 [CRITICAL], CWE-345
AstrBot is vulnerable to RCE with hard-coded JWT signing keys
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-05-08