Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

lunary-ai/lunary — Vulnerabilities & Security Advisories 71

All 71 CVE vulnerabilities found in lunary-ai/lunary, with AI-generated Chinese analysis, references, and POCs.

Vendor: lunary-ai

CVE IDTitleCVSSSeverityPublished
CVE-2024-5386 Account Hijacking via Password Reset Token Leak in lunary-ai/lunary CWE-1125 8.1AIHighAI2026-02-02
CVE-2024-4147 Insufficient Access Control in lunary-ai/lunary CWE-1220 4.3AIMediumAI2026-02-02
CVE-2025-9803 Improper Authentication in lunary-ai/lunary CWE-287 9.8AICriticalAI2025-11-25
CVE-2025-5352 Environment Variable XSS in Analytics Component in lunary-ai/lunary CWE-79 5.4 -2025-08-23
CVE-2025-4962 IDOR Vulnerability in Template Creation via `projectId` Manipulation in lunary-ai/lunary CWE-284 4.3AIMediumAI2025-08-18
CVE-2025-4779 Stored Cross-site Scripting (XSS) in lunary-ai/lunary CWE-79 6.1AIMediumAI2025-07-07
CVE-2024-11300 Improper Access Control in lunary-ai/lunary CWE-639 6.5 -2025-03-20
CVE-2024-10272 Broken Access Control in lunary-ai/lunary CWE-862 7.5 -2025-03-20
CVE-2024-8998 Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary CWE-1333 7.5 -2025-03-20
CVE-2025-0281 Stored Cross-Site Scripting (XSS) in lunary-ai/lunary CWE-79 5.4 -2025-03-20
CVE-2024-9099 Exposure of Private API Keys in lunary-ai/lunary CWE-1230 8.8 -2025-03-20
CVE-2024-8765 Improper Path Equivalence Resolution in lunary-ai/lunary CWE-41 9.4 -2025-03-20
CVE-2024-10330 Improper Access Control in lunary-ai/lunary CWE-862 4.3 -2025-03-20
CVE-2024-8789 Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary CWE-1333 7.5 -2025-03-20
CVE-2024-11301 Improper Enforcement of Unique Constraint in lunary-ai/lunary CWE-837 8.2 -2025-03-20
CVE-2024-7476 Broken Access Control in lunary-ai/lunary CWE-639 6.5 -2025-03-20
CVE-2024-9096 Improper Authorization in lunary-ai/lunary CWE-862 4.3 -2025-03-20
CVE-2024-9098 Privilege Escalation in lunary-ai/lunary CWE-863 8.1 -2025-03-20
CVE-2024-8764 Improper Authorization in lunary-ai/lunary CWE-1333 7.5 -2025-03-20
CVE-2024-10762 Missing Authorization in lunary-ai/lunary CWE-862 5.4 -2025-03-20
CVE-2024-9000 Improper Authorization and Duplicate Slug Vulnerability in lunary-ai/lunary CWE-862 6.5 -2025-03-20
CVE-2024-10275 Improper Role Modification by Admins for Billing Permissions in lunary-ai/lunary CWE-863 8.8 -2025-03-20
CVE-2024-10274 Improper Authorization in lunary-ai/lunary CWE-862 4.3 -2025-03-20
CVE-2024-11137 IDOR Vulnerability in PATCH `/v1/runs/:id/score` Endpoint in lunary-ai/lunary CWE-639 4.3 -2025-03-20
CVE-2024-8763 Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary CWE-1333 7.5 -2025-03-20
CVE-2024-8999 Improper Access Control in lunary-ai/lunary CWE-862 5.3 -2025-03-20
CVE-2024-10273 Improper Privilege Management in lunary-ai/lunary CWE-863 6.1 -2025-03-20
CVE-2024-9095 Improper Authorization in lunary-ai/lunary CWE-862 8.1 -2025-03-20
CVE-2024-3760 Email Bombing Vulnerability in lunary-ai/lunary CWE-770 7.5 -2024-11-14
CVE-2024-3502 Exposure of Sensitive Information in lunary-ai/lunary CWE-201 6.5 -2024-11-14

All 71 known CVE vulnerabilities affecting lunary-ai/lunary with full Chinese analysis, references, and POCs where available.