The more important statistic is that it has been 132 days since Russia invaded Ukraine.
Ukraine needs our help and support. If you can, please donate.

It has been 158 days since the last alg=none JWT vulnerability.

Conecte SUS, the official app of the Brazilian Ministry of Health, does not validate JWT signatures when validating vaccine certificates offline. It doesn't accept alg=none, but it might as well.