The more important statistic is that it has been 172 days since Russia invaded Ukraine.
Ukraine needs our help and support. If you can, please donate.

It has been 198 days since the last alg=none JWT vulnerability.

Conecte SUS, the official app of the Brazilian Ministry of Health, does not validate JWT signatures when validating vaccine certificates offline. It doesn't accept alg=none, but it might as well.