CVE-2025-56643

CRITICAL

Requarks Wiki.js 2.5.307 - Insufficient Session Expiration via JWT Token Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-56643. PoCs published by 0xBS0D27.

AI-analyzed exploit summary The repository provides a detailed technical analysis of CVE-2025-56643, a JWT session vulnerability in Wiki.js 2.5.307 where tokens remain valid after logout due to insufficient session expiration. It includes affected components, impact, and attack vector but lacks exploit code.

Description

Requarks Wiki.js 2.5.307 does not properly revoke or invalidate active JWT tokens when a user logs out. As a result, previously issued tokens remain valid and can be reused to access the system, even after logout. This behavior affects session integrity and may allow unauthorized access if a token is compromised. The issue is present in the authentication resolver logic and affects both the GraphQL endpoint and the logout mechanism.

Exploits (1)

nomisec WRITEUP 1 stars
by 0xBS0D27 · poc
https://github.com/0xBS0D27/CVE-2025-56643

The repository provides a detailed technical analysis of CVE-2025-56643, a JWT session vulnerability in Wiki.js 2.5.307 where tokens remain valid after logout due to insufficient session expiration. It includes affected components, impact, and attack vector but lacks exploit code.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Wiki.js 2.5.307
Auth required
Prerequisites: Access to a previously issued JWT token
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 9.1
EPSS 0.0031
EPSS Percentile 22.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-613
Status published
Products (1)
requarks/wiki.js 2.5.307
Published Nov 18, 2025
Tracked Since Feb 18, 2026