6 matches found
CVE-2025-59305
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317 allows any authenticated user to invoke migration control functions. This can lead to data corruption or denial of service through unauthorized access to TRPC endpoints such as backgroundMigrations.all,...
CVE-2025-59305
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317 allows any authenticated user to invoke migration control functions. This can lead to data corruption or denial of service through unauthorized access to TRPC endpoints such as backgroundMigrations.all,...
CVE-2025-59305
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317 allows any authenticated user to invoke migration control functions. This can lead to data corruption or denial of service through unauthorized access to TRPC endpoints such as backgroundMigrations.all,...
CVE-2025-59305
CVE-2025-59305 concerns Langfuse 3.1 prior to the commit d67b317, where improper authorization on background migration endpoints allows any authenticated user to invoke migration control functions. Exploitable via TRPC endpoints such as backgroundMigrations.all, backgroundMigrations.status, and b...
PT-2025-39319
Name of the Vulnerable Software and Affected Versions Langfuse versions prior to d67b317 Langfuse version 3.1 Description Improper authorization in the background migration endpoints of Langfuse allows any authenticated user to invoke migration control functions. This can lead to data corruption ...
CVE-2025-59305
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317 allows any authenticated user to invoke migration control functions. This can lead to data corruption or denial of service through unauthorized access to TRPC endpoints such as backgroundMigrations.all,...