CVE-2025-65107
BaseFortify
Publication date: 2025-11-21
Last updated on: 2025-12-03
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| langfuse | langfuse | From 2.95.0 (inclusive) to 2.95.12 (exclusive) |
| langfuse | langfuse | From 3.17.0 (inclusive) to 3.131.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Langfuse versions 2.95.0 to before 2.95.12 and 3.17.0 to before 3.131.0 when using SSO provider configurations without an explicit AUTH_<PROVIDER>_CHECK setting. An authenticated user can be tricked via a CSRF or phishing attack into calling a specially crafted URL, potentially leading to an account takeover. The issue has been fixed in versions 2.95.12 and 3.131.0, and a workaround is to set AUTH_<PROVIDER>_CHECK.
How can this vulnerability impact me?
The vulnerability can lead to a potential account takeover if an authenticated user is tricked into calling a malicious URL via CSRF or phishing. An attacker could thereby gain unauthorized access to user accounts, compromising account security and potentially exposing sensitive data.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update Langfuse to version 2.95.12 or later, or 3.131.0 or later. As a workaround, configure the AUTH_<PROVIDER>_CHECK setting explicitly in your SSO provider configurations to prevent potential account takeover via CSRF or phishing attacks.