VYPR
Unrated severityNVD Advisory· Published Jun 6, 2024· Updated Oct 15, 2025

Improper Access Control in lunary-ai/lunary

CVE-2024-5126

Description

An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to but not including 1.2.25. The vulnerability allows unauthorized users to update prompt details due to insufficient access control checks. This issue was addressed and fixed in version 1.2.25.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Lunary AI/Lunaryllm-fuzzy2 versions
    >=1.2.2, <1.2.25+ 1 more
    • (no CPE)range: >=1.2.2, <1.2.25
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.