Vulnerability in Janssenproject Jans

CVE-2025-54876

The Janssen Project is an open-source identity and access management (IAM) platform. In versions 1.9.0 and below, Janssen stores passwords in plaintext in the local cli_cmd.log file. This is fixed in the nightly prerelease.

EPSS: 0.005 (37.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References