We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.