Langfuse SSRF Vulnerability: Missing Secret Key Validation on LLM Base URL Change

github.com 2026-05-08翻訳準備中…中国語で表示中中国語 →English →

Security AdvisoryHighLangfuse

Affected:

Langfuse platform (versions prior to 7527bb0)

Fixed in:

7527bb0

参照 CVE: CVE-2026-41487

本文由本平台从 github.com 自动抓取，经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。

このソースからの他の記事

n8n-mcp Log Injection Vulnerability: Sensitive Data Leakage via HTTP Transport 2026-05-09 Fix: Incorrect Role Assignment in Email-Based Domain Invitations 2026-05-09 CVE-2024-42185: Privilege Escalation in La Suite Numérique people service 2026-05-09 n8n-mcp Log Information Disclosure Vulnerability (GHSA-wq4g-395p-mqv3) 2026-05-09 Eruka/scoold CVE-2026-4276 Persistent Admin Takeover via JWT Forgery POC 2026-05-09