7 matches found
lunary access control error vulnerability (CNVD-2025-07600)
lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary that stems from improper access control on the /prompts/promptid endpoint, and no detailed vulnerability details are provided at this time...
lunary access control error vulnerability (CNVD-2025-07602)
lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary, which stems from improper access control on the /v1/datasets endpoint, and can be exploited by an attacker to gain access to unauthorized datasets...
Lunary Access Control Error Vulnerability
lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary, which stems from an insecure direct object reference IDOR vulnerability that can be exploited by an attacker to manipulate the id parameter in a request URL to view or delete an...
lunary access control error vulnerability (CNVD-2025-09704)
lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary, which can be exploited by an attacker to cause information disclosure...
lunary access control error vulnerability (CNVD-2025-12108)
lunary is a production toolkit for LLM. An access control error vulnerability exists in lunary that stems from insufficient access control checks and can be exploited by an attacker to update prompt details...
lunary access control error vulnerability (CNVD-2025-09700)
lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary that stems from a lack of privilege checking, allowing unauthorized access to sensitive user information. An attacker could exploit this vulnerability to cause information leakage...
Lunary 访问控制错误漏洞
lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary that originates from an unauthorized user being able to view any project. An attacker could exploit this vulnerability to cause information disclosure...