Platform: other
Component: langfuse
Fixed in: 2.95.1, 3.17.1
CVE-2025-65107 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Langfuse, an open-source large language model engineering platform. This flaw allows an attacker to potentially take over user accounts by tricking authenticated users into unknowingly executing malicious requests. The vulnerability impacts versions 2.95.0 through 3.130.9, and has been resolved in versions 2.95.12 and 3.131.0.
The primary impact of CVE-2025-65107 is unauthorized account takeover. An attacker can craft a malicious URL that, when visited by an authenticated user, triggers actions on their behalf without their knowledge or consent. This could involve modifying user settings, accessing sensitive data, or performing other actions as if they were the legitimate user. The vulnerability is particularly concerning because it leverages the user's existing authentication session, making it difficult to detect. Successful exploitation requires the user to interact with the malicious URL, typically through phishing or other social engineering techniques. The blast radius is limited to the individual user accounts affected, but the potential for widespread compromise exists if the attacker can target a large number of users.
CVE-2025-65107 was publicly disclosed on 2025-11-21. No public proof-of-concept (PoC) code has been released at the time of writing. The EPSS score is pending evaluation, but given the potential for account takeover, it is likely to be assessed as medium or high probability. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.03% (9th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2025-65107 is to upgrade Langfuse to version 2.95.12 or 3.131.0, which contain the fix. If upgrading immediately is not feasible, a workaround involves setting the AUTH_<PROVIDER>_CHECK configuration option. This setting enforces stricter authentication checks and prevents the CSRF attack from succeeding. Review SSO provider configurations to ensure this setting is enabled. Implement robust user awareness training to educate users about the risks of phishing and malicious URLs. Consider implementing a Content Security Policy (CSP) to restrict the sources from which scripts can be executed, further mitigating the risk of CSRF attacks. After upgrading, confirm the fix by attempting to trigger a request via a crafted URL and verifying that it is blocked.
Update Langfuse to version 2.95.12 or later, or to version 3.131.0 or later. Alternatively, explicitly configure the AUTH_<PROVIDER>_CHECK option in your SSO configuration.
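The following triage helper is an added example, not Langfuse project code. It encodes the affected and fixed versions stated on this page, read as two release lines (2.x affected from 2.95.0 up to but excluding the 2.95.12 fix; 3.x affected from 3.17.0 up to but excluding the 3.131.0 fix), and checks whether the workaround option named on the page, AUTH_<PROVIDER>_CHECK, is set for each SSO provider you run. The provider names, the way the placeholder is expanded into an environment variable name, and the command-line interface are assumptions of this example.

```python
"""Triage helper for CVE-2025-65107 (Langfuse CSRF).

Added example; not Langfuse's own code. Ranges are this page's stated
affected/fixed versions, read as two release lines (assumption):
  2.x: >= 2.95.0 and < 2.95.12 affected, fixed in 2.95.12
  3.x: >= 3.17.0 and < 3.131.0 affected, fixed in 3.131.0
"""
import os
import re
import sys
from typing import Iterable, Mapping

FIRST_AFFECTED_2X = (2, 95, 0)
FIXED_2X = (2, 95, 12)
FIRST_AFFECTED_3X = (3, 17, 0)
FIXED_3X = (3, 131, 0)

# Accepts "3.130.9" or "v3.130.9"; pre-release suffixes after the patch number are ignored.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Return (major, minor, patch) as ints so tuple comparison orders versions correctly."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected_version(version: str) -> bool:
    """True if the installed version falls inside one of the affected ranges above."""
    v = parse_version(version)
    if v[0] == 2:
        return FIRST_AFFECTED_2X <= v < FIXED_2X
    if v[0] == 3:
        return FIRST_AFFECTED_3X <= v < FIXED_3X
    return False  # other major versions are not named by the advisory


def workaround_env_name(provider: str) -> str:
    """Expand the page's AUTH_<PROVIDER>_CHECK placeholder for one provider.

    Assumption: the provider slug is upper-cased in the variable name.
    """
    return f"AUTH_{provider.upper()}_CHECK"


def missing_workaround(providers: Iterable[str], env: Mapping[str, str]) -> list:
    """Providers for which the workaround option is absent or empty."""
    return [p for p in providers if not env.get(workaround_env_name(p))]


def triage(version: str, providers: Iterable[str], env: Mapping[str, str]) -> dict:
    """Combine the version check and the workaround check into one verdict."""
    affected = is_affected_version(version)
    missing = missing_workaround(providers, env) if affected else []
    if not affected:
        status = "not affected"
    elif missing:
        status = "vulnerable"
    else:
        status = "mitigated by workaround; upgrade still recommended"
    return {
        "version": version,
        "affected_version": affected,
        "providers_missing_check": missing,
        "status": status,
    }


if __name__ == "__main__":
    # Usage (assumed CLI): python triage.py <langfuse-version> [provider ...]
    if len(sys.argv) < 2:
        sys.exit("usage: triage.py <langfuse-version> [sso-provider ...]")
    result = triage(sys.argv[1], sys.argv[2:], os.environ)
    for key, value in result.items():
        print(f"{key}: {value}")
```

The version comparison is done on integer tuples rather than strings, which matters here: a string comparison would rank "3.131.0" below "3.17.0". The workaround check only tests that the option is present and non-empty, because the page does not state what value it should carry.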
CVE-2025-65107 is a CSRF vulnerability in Langfuse versions 2.95.0–>= 3.17.0, < 3.131.0, allowing potential account takeover via crafted URLs.
You are affected if you are running Langfuse versions 2.95.0–>= 3.17.0, < 3.131.0 and have not configured AUTH_<PROVIDER>_CHECK.
Upgrade to Langfuse version 2.95.12 or 3.131.0. As a workaround, configure AUTH_<PROVIDER>_CHECK in your SSO provider configurations.
There is no confirmed active exploitation of CVE-2025-65107 at this time, but the potential for exploitation exists.
Refer to the Langfuse security advisory for details: [https://github.com/langfuse/langfuse/security/advisories/GHSA-xxxx-xxxx-xxxx](replace with actual advisory link)