diff --git a/lib/php-jwt/CHANGELOG.md b/lib/php-jwt/CHANGELOG.md
index 353766ee02d..644fa0beafa 100644
--- a/lib/php-jwt/CHANGELOG.md
+++ b/lib/php-jwt/CHANGELOG.md
@@ -1,5 +1,19 @@
 # Changelog
+## [6.10.0](https://github.com/firebase/php-jwt/compare/v6.9.0...v6.10.0) (2023-11-28)
+
+
+### Features
+
+* allow typ header override ([#546](https://github.com/firebase/php-jwt/issues/546)) ([79cb30b](https://github.com/firebase/php-jwt/commit/79cb30b729a22931b2fbd6b53f20629a83031ba9))
+
+## [6.9.0](https://github.com/firebase/php-jwt/compare/v6.8.1...v6.9.0) (2023-10-04)
+
+
+### Features
+
+* add payload to jwt exception ([#521](https://github.com/firebase/php-jwt/issues/521)) ([175edf9](https://github.com/firebase/php-jwt/commit/175edf958bb61922ec135b2333acf5622f2238a2))
+
 ## [6.8.1](https://github.com/firebase/php-jwt/compare/v6.8.0...v6.8.1) (2023-07-14)
diff --git a/lib/php-jwt/src/BeforeValidException.php b/lib/php-jwt/src/BeforeValidException.php
index c147852b980..595164bf35d 100644
--- a/lib/php-jwt/src/BeforeValidException.php
+++ b/lib/php-jwt/src/BeforeValidException.php
@@ -2,6 +2,17 @@
 namespace Firebase\JWT;
-class BeforeValidException extends \UnexpectedValueException
+class BeforeValidException extends \UnexpectedValueException implements JWTExceptionWithPayloadInterface
 {
+ private object $payload;
+
+ public function setPayload(object $payload): void
+ {
+ $this->payload = $payload;
+ }
+
+ public function getPayload(): object
+ {
+ return $this->payload;
+ }
 }
diff --git a/lib/php-jwt/src/ExpiredException.php b/lib/php-jwt/src/ExpiredException.php
index 81ba52d43f6..12fef094486 100644
--- a/lib/php-jwt/src/ExpiredException.php
+++ b/lib/php-jwt/src/ExpiredException.php
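Review bot: `getPayload()` in BeforeValidException reads the typed property `$payload`, which has no default, so calling it on an instance that never went through `setPayload()` raises an `Error` for access before initialization instead of returning a value. The class is public, so code other than the decode path can construct it without a payload. A docblock on the getter would make that contract explicit, for example `/** Claims of the rejected token; only valid after setPayload() has been called. */`. The same applies to the identical accessor pair added to ExpiredException.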
@@ -2,6 +2,17 @@
 namespace Firebase\JWT;
-class ExpiredException extends \UnexpectedValueException
+class ExpiredException extends \UnexpectedValueException implements JWTExceptionWithPayloadInterface
 {
+ private object $payload;
+
+ public function setPayload(object $payload): void
+ {
+ $this->payload = $payload;
+ }
+
+ public function getPayload(): object
+ {
+ return $this->payload;
+ }
 }
diff --git a/lib/php-jwt/src/JWT.php b/lib/php-jwt/src/JWT.php
index 189274525dd..263492068cb 100644
--- a/lib/php-jwt/src/JWT.php
+++ b/lib/php-jwt/src/JWT.php
@@ -153,23 +153,29 @@ class JWT
 // Check the nbf if it is defined. This is the time that the
 // token can actually be used. If it's not yet that time, abort.
 if (isset($payload->nbf) && floor($payload->nbf) > ($timestamp + static::$leeway)) {
- throw new BeforeValidException(
+ $ex = new BeforeValidException(
 'Cannot handle token with nbf prior to ' . \date(DateTime::ISO8601, (int) $payload->nbf)
 );
+ $ex->setPayload($payload);
+ throw $ex;
 }
 // Check that this token has been created before 'now'. This prevents
 // using tokens that have been created for later use (and haven't
 // correctly used the nbf claim).
 if (!isset($payload->nbf) && isset($payload->iat) && floor($payload->iat) > ($timestamp + static::$leeway)) {
- throw new BeforeValidException(
+ $ex = new BeforeValidException(
 'Cannot handle token with iat prior to ' . \date(DateTime::ISO8601, (int) $payload->iat)
 );
+ $ex->setPayload($payload);
+ throw $ex;
 }
 // Check if this token has expired.
 if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
- throw new ExpiredException('Expired token');
+ $ex = new ExpiredException('Expired token');
+ $ex->setPayload($payload);
+ throw $ex;
 }
 return $payload;
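Review bot: The three throw sites in JWT.php for nbf, iat and exp now attach the complete decoded claim set to the exception, and nothing at these sites tells a handler that the claims belong to a token the time checks just rejected. A caller that logs the exception object, or reads `getPayload()` to identify the subject, may write personal data from the claims into logs or treat the claims as current. I would add a comment above the first `setPayload` call such as `// Payload is attached for diagnostics only; the token was rejected and its claims must not be used for authorization.` Whether the signature has already been verified at this point is decided earlier in the method, outside this hunk, so the comment should state that too once confirmed.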
@@ -197,13 +203,14 @@ class JWT
 string $keyId = null,
 array $head = null
 ): string {
- $header = ['typ' => 'JWT', 'alg' => $alg];
+ $header = ['typ' => 'JWT'];
+ if (isset($head) && \is_array($head)) {
+ $header = \array_merge($header, $head);
+ }
+ $header['alg'] = $alg;
 if ($keyId !== null) {
 $header['kid'] = $keyId;
 }
- if (isset($head) && \is_array($head)) {
- $header = \array_merge($head, $header);
- }
 $segments = [];
 $segments[] = static::urlsafeB64Encode((string) static::jsonEncode($header));
 $segments[] = static::urlsafeB64Encode((string) static::jsonEncode($payload));
diff --git a/lib/php-jwt/src/JWTExceptionWithPayloadInterface.php b/lib/php-jwt/src/JWTExceptionWithPayloadInterface.php
new file mode 100644
index 00000000000..7933ed68be5
--- /dev/null
+++ b/lib/php-jwt/src/JWTExceptionWithPayloadInterface.php
@@ -0,0 +1,20 @@ + php-jwt A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519 A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519 - 6.8.1 + 6.10.0 BSD 3-Clause https://github.com/firebase/php-jwt
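Review bot: The new header ordering in the `@@ -197,13 +203,14 @@` hunk carries a security-relevant guarantee that no comment records: `$header['alg'] = $alg;` runs after `\array_merge($header, $head)`, so `$head` can replace `typ` but not `alg`. Because that depends on statement order alone, a later reorder would silently let `$head` choose the algorithm named in the header. I would add `// Set after the merge so $head can override typ but never alg or an explicit kid.` above the `alg` assignment. The `isset($head) && \is_array($head)` test could also be reduced to `$head !== null`, since the context lines already declare the parameter as `array`. The method's signature starts outside this hunk.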