CVE-2025-64504 | Langfuse up to 2.95.10/3.124.0 API information exposure (GHSA-94hf-6gqq-pj69)

Inserito da Angelo Barbosa | Nov 11, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Langfuse up to 2.95.10/3.124.0. Affected by this vulnerability is an unknown functionality of the component API. Performing manipulation results in exposure of sensitive information through data queries.

This vulnerability is known as CVE-2025-64504. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2025-64504 | Langfuse up to 2.95.10/3.124.0 API information exposure (GHSA-94hf-6gqq-pj69)

Post correlati

CVE-2024-8977 | GitLab Enterprise Edition up to 17.2.8/17.3.4/17.4.1 Product Analytics Dashboard server-side request forgery (Issue 491060)

CVE-2024-41502 | Jetimob Plataforma Imobiliaria 20240627-0 Pessoas Section Observaces cross site scripting

CVE-2025-7525 | TOTOLINK T6 4.1.5cu.748_B20211015 HTTP POST Request /cgi-bin/cstecgi.cgi setTracerouteCfg command command injection

CVE-2024-0259 | Fortra Robot Schedule Enterprise Agent up to 3.03 on Windows default permission