Lucene search
K

371 matches found

Chainguard
Chainguard
added 2025/09/11 7:18 p.m.6 views

GHSA-G4JQ-H2W9-997C vulnerabilities

Vulnerabilities for packages: vitess, langfuse-fips, langfuse...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/09/11 7:18 p.m.3 views

GHSA-JQFW-VQ24-V9C3 vulnerabilities

Vulnerabilities for packages: vitess, langfuse-fips, langfuse...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/09/11 7:18 p.m.7 views

CVE-2025-58751 vulnerabilities

Vulnerabilities for packages: vitess, langfuse-fips, langfuse...

5.3CVSS6.2AI score0.0118EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/09/03 10:29 p.m.12 views

CVE-2025-9799

A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request...

5CVSS6.6AI score0.00257EPSS
Exploits1References1
NVD
NVD
added 2025/09/01 10:15 p.m.5 views

CVE-2025-9799

A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request...

5CVSS0.00257EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/01 10:2 p.m.3 views

CVE-2025-9799 Langfuse Webhook promptRouter.ts promptChangeEventSourcing server-side request forgery

A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request...

5CVSS6.2AI score0.00257EPSS
Exploits1References5
OSV
OSV
added 2025/09/01 10:2 p.m.4 views

CVE-2025-9799 Langfuse Webhook promptRouter.ts promptChangeEventSourcing server-side request forgery

A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request...

2.3CVSS5.3AI score0.00257EPSS
Exploits1References7
CVE
CVE
added 2025/09/01 10:2 p.m.19 views

CVE-2025-9799

CVE-2025-9799 affects Langfuse up to version 3.88.0. The vulnerability is in the Webhook Handler’s WebSocket/HTTP code path, specifically the function promptChangeEventSourcing in web/src/features/prompts/server/routers/promptRouter.ts. Manipulation of this function can lead to server-side reques...

5CVSS6.2AI score0.00257EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/09/01 10:2 p.m.12 views

CVE-2025-9799 Langfuse Webhook promptRouter.ts promptChangeEventSourcing server-side request forgery

A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request...

5CVSS0.00257EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/01 12:0 a.m.5 views

langfuse 代码问题漏洞

langfuse is a large language model engineering platform open-sourced by Langfuse. A code issue vulnerability exists in langfuse 3.88.0 and earlier versions, which stems from a misuse of the function promptChangeEventSourcing in the file web/src/features/prompts/server/routers/promptRouter.ts...

5CVSS5.4AI score0.00257EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/09/01 12:0 a.m.8 views

PT-2025-35514

Name of the Vulnerable Software and Affected Versions: Langfuse versions through 3.88.0 Description: A security flaw exists in Langfuse, potentially leading to server-side request forgery. The vulnerability is located in the promptChangeEventSourcing function within the...

5CVSS5AI score0.00257EPSS
Exploits1References10
Wolfi
Wolfi
added 2025/08/22 8:47 p.m.6 views

CVE-2025-54880 vulnerabilities

Vulnerabilities for packages: langfuse...

6.1CVSS6.6AI score0.00339EPSS
Exploits1
Wolfi
Wolfi
added 2025/08/22 8:47 p.m.6 views

CVE-2025-54881 vulnerabilities

Vulnerabilities for packages: langfuse...

5.3CVSS6.6AI score0.0071EPSS
Exploits0
Wolfi
Wolfi
added 2025/08/22 8:47 p.m.2 views

GHSA-7RQQ-PRVP-X9JH vulnerabilities

Vulnerabilities for packages: langfuse...

7.5AI score
Exploits0
Wolfi
Wolfi
added 2025/08/22 8:47 p.m.2 views

GHSA-8GWM-58G9-J8PW vulnerabilities

Vulnerabilities for packages: langfuse...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/08/22 2:16 p.m.10 views

CVE-2025-54881 vulnerabilities

Vulnerabilities for packages: langfuse...

5.3CVSS6.7AI score0.0071EPSS
Exploits0
Chainguard
Chainguard
added 2025/08/22 2:16 p.m.3 views

GHSA-8GWM-58G9-J8PW vulnerabilities

Vulnerabilities for packages: langfuse...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/08/22 2:16 p.m.3 views

GHSA-7RQQ-PRVP-X9JH vulnerabilities

Vulnerabilities for packages: langfuse...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/08/22 2:16 p.m.14 views

CVE-2025-54880 vulnerabilities

Vulnerabilities for packages: langfuse...

6.1CVSS6.6AI score0.00339EPSS
Exploits1
Veracode
Veracode
added 2025/03/26 11:13 a.m.13 views

Sensitive Information Disclosure

LiteLLM is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper error handling due to an issue in proxyserver.py that leaks Langfuse API keys when an error occurs while parsing team settings, potentially exposing full access to stored requests...

7.5CVSS6.8AI score0.00523EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder