5 matches found
EUVD-2025-31045
Malicious code in bioql PyPI...
CVE-2025-59305
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317 allows any authenticated user to invoke migration control functions. This can lead to data corruption or denial of service through unauthorized access to TRPC endpoints such as backgroundMigrations.all,...
CVE-2025-59305
Improper authorization in the background migration endpoints of Langfuse 3.1 before d67b317 allows any authenticated user to invoke migration control functions. This can lead to data corruption or denial of service through unauthorized access to TRPC endpoints such as backgroundMigrations.all,...
langfuse 安全漏洞
langfuse is a large language model engineering platform open-sourced by Langfuse. A security vulnerability exists in langfuse that stems from improper authorization of background migration endpoints, which could lead to data corruption or denial of service attacks...
CVE-2025-59305
CVE-2025-59305 concerns Langfuse 3.1 prior to the commit d67b317, where improper authorization on background migration endpoints allows any authenticated user to invoke migration control functions. Exploitable via TRPC endpoints such as backgroundMigrations.all, backgroundMigrations.status, and b...