Lunary 安全漏洞

Lunary is an open-source production toolkit for LLMs developed by Lunary. Version 1.2.13 of Lunary contains a security vulnerability. This vulnerability stems from insufficient access control granularity, allowing users to delete prompts created by other organizations using their IDs, resulting i...

lunary authorization issue vulnerability (CNVD-2025-07599)

lunary is lunary open source a production toolkit for LLM . An authorization issue vulnerability exists in lunary that stems from the /checklists/:id route not being properly access controlled, which can be exploited by an attacker to cause a low-privileged user to modify the checklist...

Unspecified vulnerability in Lunary (CNVD-2025-06934)

Lunary is Lunary open source a production toolkit for LLM . A security vulnerability exists in Lunary versions prior to 1.6.3 that stems from not enforcing unique constraints and can be exploited by an attacker to cause data integrity issues...

lunary access control error vulnerability (CNVD-2025-07602)

lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary, which stems from improper access control on the /v1/datasets endpoint, and can be exploited by an attacker to gain access to unauthorized datasets...

Lunary 安全漏洞

Lunary is Lunary open source a production toolkit for LLM . A security vulnerability exists in Lunary versions prior to 1.5.9, which stems from a security issue in /v1/evaluators/endpoints, and can be exploited by an attacker to delete evaluator data, resulting in permanent data loss and potentia...

Lunary 安全漏洞

lunary is lunary open source a production toolkit for LLM . An information disclosure vulnerability exists in lunary that stems from a GET /projects API endpoint exposing all project public and private API keys to users with least privileges, which can be exploited by an attacker to obtain...

Lunary 安全漏洞

Lunary is Lunary open source a production toolkit for LLM . Lunary afc5df4 version of a security vulnerability , the vulnerability stems from a flaw in the permission checking mechanism , an attacker can use this vulnerability to cause unauthorized access to sensitive endpoints...

Lunary Illegal Authorization Vulnerability

lunary is lunary open source a production toolkit for LLM . An illegal authorization vulnerability exists in lunary, which stems from the presence of an incorrect authorization vulnerability that allows an unprivileged user to regenerate a private key for an item to which they do not have access...

lunary email bombing vulnerability

lunary is lunary open source a production toolkit for LLM . An email bombing vulnerability exists in lunary that stems from a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. No detailed vulnerability details are provided at this time...

Lunary 信息泄露漏洞

lunary is lunary open source a production toolkit for LLM . lunary suffers from an information disclosure vulnerability that stems from the fact that tokens can be exposed to unauthorized actors, allowing them to perform operations on behalf of the user. An attacker could exploit this vulnerabili...

Lunary SQL注入漏洞

lunary is lunary open source a production toolkit for LLM . lunary suffers from a SQL injection vulnerability that stems from the use of sql.unsafe in the order by clause of a SQL query without prior cleanup. No detailed vulnerability details are provided at this time...

Lunary 访问控制错误漏洞

lunary is a production toolkit for LLM. An access control error vulnerability exists in lunary that stems from insufficient access control checks and can be exploited by an attacker to update prompt details...

Lunary 访问控制错误漏洞

lunary is a production toolkit for LLM. An access control error vulnerability exists in lunary that stems from insufficient validation of roles and permissions on the backend. An attacker could exploit this vulnerability to cause information disclosure...

Number withdrawn

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

编号撤回

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

Lunary 访问控制错误漏洞

lunary is a production toolkit for LLM. An access control error vulnerability exists in lunary that stems from the presence of incorrect access control and can be exploited by an attacker to manipulate or access sensitive project data, resulting in data integrity and confidentiality issues...

编号撤回

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

lunary 安全漏洞

Lunary is a production toolkit for LLM that is open sourced by lunary. A security vulnerability exists in lunary that stems from allowing a deleted user to change the name of an organization without authorization...

编号撤回

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...