📦 Langfuse

Name: Langfuse
Author: Langfuse

by Langfuse

🔍 What is Langfuse?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2026-24055

MEDIUM CVSS 5.3 Jan 22, 2026

This vulnerability allows unauthenticated attackers to bind their Slack workspace to any Langfuse project via the Slack OAuth endpoint. This could enable unauthorized access to prompt management chang...

CVE-2025-65107

MEDIUM CVSS 6.5 Nov 21, 2025

This vulnerability in Langfuse's SSO provider configurations allows account takeover when authenticated users are tricked into visiting a specially crafted URL via CSRF or phishing attacks. It affects...

CVE-2025-64504

MEDIUM CVSS 5.0 Nov 10, 2025

This vulnerability in Langfuse allows authenticated users to enumerate names and email addresses of users in other organizations if they know the target organization's ID. It affects Langfuse versions...

CVE-2025-9799

MEDIUM CVSS 5.0 Sep 1, 2025

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Langfuse's webhook handler. Attackers can manipulate the promptChangeEventSourcing function to make the server send unauthorize...