Platform
python
Component
lunary-ai/lunary
Fixed in
1.9.35
CVE-2025-9803 is a critical account takeover vulnerability affecting lunary versions up to 1.9.35. This flaw stems from inadequate validation of the 'aud' (audience) field within Google OAuth access tokens. Consequently, malicious applications can leverage these tokens to compromise user accounts, leading to unauthorized access and potential data breaches. A fix is available in version 1.9.35.
The impact of CVE-2025-9803 is severe, enabling attackers to completely take over user accounts within the lunary application. An attacker could exploit this vulnerability by crafting a malicious application that requests Google OAuth authentication. Upon successful authentication, the attacker's application would receive an access token. Due to the missing 'aud' validation, this token can be used to impersonate the legitimate user, granting the attacker full access to their data and functionality within lunary. This could include accessing sensitive information, modifying user settings, or performing actions on behalf of the compromised user. The blast radius extends to all users of affected lunary versions who utilize Google OAuth for authentication.
CVE-2025-9803 was publicly disclosed on 2025-11-25. There is no indication of active exploitation at this time, and it is not currently listed on the CISA KEV catalog. Public proof-of-concept (PoC) code is not yet available, but the vulnerability's nature makes it likely that a PoC will be developed and shared in the near future. The EPSS score is likely to be assessed as medium due to the ease of exploitation once a PoC is available.
Organizations and individuals using lunary for AI-powered tasks and relying on Google OAuth for authentication are at risk. This includes users who have not yet upgraded to the latest version (1.9.35) and those who have not implemented additional security measures to mitigate the risk of account takeover.
• python / server: Examine lunary application logs for OAuth authentication attempts with invalid 'aud' values. Use Python's requests library to test the OAuth endpoint and verify 'aud' validation:

```python
import requests

# Replace with your lunary instance URL
url = 'https://your-lunary-instance/oauth/token'
# Replace with your client ID and secret
client_id = 'your_client_id'
client_secret = 'your_client_secret'
# Malformed token: a placeholder JWT with a dummy signature that a patched server must reject
token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJleGFtcGxlIiwibmJmIjoxNjk4NzQ4ODAwLCJleHAiOjE2OTg3NzA4MDAsImlnaGxpZmViVXNlcm5hbWUiOiJodHRwczovL3dvc3RhbmQuZ2UiLCJzY29wZSI6WyJtYWljYWwtdG9rZW4uY29jkzsifQ.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
data = {
    'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
    'assertion': token,
    'client_id': client_id,
    'client_secret': client_secret,
}
response = requests.post(url, headers=headers, data=data, timeout=10)
# A server that validates the token should answer with a 4xx status rather than issue a session
print(response.status_code)
print(response.text)
```

• generic web: Monitor access logs for requests to the OAuth token endpoint with unusual parameters or user agents. Check for unusual patterns in OAuth authentication attempts.
EPSS
0.12% (31st percentile)
The primary mitigation for CVE-2025-9803 is to immediately upgrade lunary to version 1.9.35 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting access to sensitive functionalities or implementing stricter authentication policies. While a WAF cannot directly address this code-level vulnerability, it could be configured to monitor for suspicious OAuth token activity. Thoroughly review and audit the Google OAuth integration code to ensure proper 'aud' validation is implemented in future development cycles. After upgrading, confirm the fix by attempting to authenticate with a known valid Google OAuth application and verifying that the 'aud' field is correctly validated.
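The missing check, stated from the defender's side as an added example that is not lunary's own code: a claims validator that accepts any Google-issued, unexpired token (the flawed behaviour described above) beside one that additionally requires the token's 'aud' claim to match this deployment's own client ID. The client ID, the decoded ID-token claim sets and the list-valued 'aud' handling are constructed assumptions.

```python
import time

# Constructed placeholder: the OAuth client ID this deployment registered with Google.
EXPECTED_CLIENT_ID = "000000000000-ourapp.apps.googleusercontent.com"
GOOGLE_ISSUERS = {"https://accounts.google.com", "accounts.google.com"}
FAR_FUTURE = 4102444800  # 2100-01-01 UTC, keeps the constructed samples unexpired


def _google_issued_and_unexpired(claims, now):
    """Checks shared by both variants: Google issuer and a numeric, future 'exp'."""
    if claims.get("iss") not in GOOGLE_ISSUERS:
        return False
    exp = claims.get("exp")
    return isinstance(exp, (int, float)) and exp > now


def verify_claims_vulnerable(claims, now=None):
    """Models the flawed check: any Google-issued, unexpired token is accepted, so a
    token Google minted for an unrelated app logs its holder in as that user here."""
    now = time.time() if now is None else now
    return _google_issued_and_unexpired(claims, now)


def verify_claims_fixed(claims, expected_aud=EXPECTED_CLIENT_ID, now=None):
    """Hardened check: additionally requires the token to be minted for our client ID."""
    now = time.time() if now is None else now
    if not _google_issued_and_unexpired(claims, now):
        return False
    aud = claims.get("aud")
    # 'aud' is normally a string but may be a list; our client ID must appear in it
    audiences = aud if isinstance(aud, list) else [aud]
    if expected_aud not in audiences:
        return False
    # Only map the token to a local account once Google has verified the email
    return bool(claims.get("email_verified"))


# Constructed sample claim sets, shaped like a decoded Google ID token
LEGIT = {"iss": "https://accounts.google.com", "sub": "1", "email": "alice@example.com",
         "email_verified": True, "aud": EXPECTED_CLIENT_ID, "exp": FAR_FUTURE}
# Same user, but the token was issued to a different (third-party) OAuth app
FOREIGN_APP = dict(LEGIT, aud="000000000000-otherapp.apps.googleusercontent.com")
EXPIRED = dict(LEGIT, exp=1)

if __name__ == "__main__":
    for name, claims in [("legit", LEGIT), ("foreign_app", FOREIGN_APP), ("expired", EXPIRED)]:
        print(f"{name}: vulnerable={verify_claims_vulnerable(claims)} "
              f"fixed={verify_claims_fixed(claims)}")
```

Signature verification against Google's published keys must happen before these claim checks; the example covers only the claim-level 'aud' decision.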
Update the lunary-ai/lunary library to version 1.9.35 or later. This version corrects the Google OAuth authentication vulnerability by properly verifying the 'aud' field in the access tokens. The update prevents possible account takeover by attackers.
CVE-2025-9803 is a critical vulnerability in lunary versions ≤1.9.35 that allows attackers to take over user accounts due to improper Google OAuth authentication verification.
You are affected if you are using lunary version 1.9.35 or earlier and utilize Google OAuth for authentication.
Upgrade lunary to version 1.9.35 or later to resolve this vulnerability. If immediate upgrade is not possible, implement temporary workarounds like restricting access to sensitive functionalities.
There is currently no indication of active exploitation, but the vulnerability's nature suggests it is likely to be exploited in the future.
Refer to the official lunary security advisory for detailed information and updates: [https://lunary.ai/security/advisories](https://lunary.ai/security/advisories)