CVE-2025-65107

Affects: large language model

CVSS: MEDIUM · 6.5v3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Published: 2025-11-21
Weakness: CWE-285, CWE-352
Source: nvd.nist.gov/vuln/detail/CVE-2025-65107

Description

Langfuse is an open source large language model engineering platform. In versions from 2.95.0 to before 2.95.12 and from 3.17.0 to before 3.131.0, in SSO provider configurations without an explicit AUTH_CHECK setting, a potential account takeover may happen if an authenticated user is made to call a specifically crafted URL via a CSRF or phishing attack. This issue has been patched in versions 2.95.12 and 3.131.0. A workaround for this issue involves setting AUTH_CHECK.

References

https://github.com/langfuse/langfuse/security/advisories/GHSA-w9pw-c549-5m6w

How GTK Cyber trains on this

AI security training at GTK Cyber covers the LLM and ML-pipeline vulnerability classes that vulnerabilities like CVE-2025-65107 fall into. Our hands-on courses are taught by Charles Givre and other practitioners who break and defend production AI systems.

AI Red-Teaming course →·Browse MITRE ATLAS techniques

Related AI/LLM CVEs

AI security training, taught by people who do the work.

Hands-on courses on adversarial AI, prompt injection, and ML pipeline security.

Explore AI Red-Teaming