Vulnerability Description
Langfuse is an open source large language model engineering platform. From version 3.68.0 to before version 3.167.0, there is a role-based-access control flaw in the LLM connection update flow. An authenticated, low-privileged user of role “member” in a project could request the update of an existing LLM connection to an attacker-controlled baseUrl, causing Langfuse to reuse the stored provider secret and redirect the test request to an attacker-controlled endpoint. This could expose the plaintext provider LLM API key for that connection. The attack is only possible if a user is already part of a project and has “member” scoped access. This issue has been patched in version 3.167.0.
CVSS Score
5.4 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Langfuse | Langfuse | >= 3.68.0, < 3.167.0 |
Related Weaknesses (CWE)
References
- https://github.com/langfuse/langfuse/commit/7527bb0d84bc0a3dc24a4b16d22ed2e46e6d (Patch)
- https://github.com/langfuse/langfuse/commit/e12386f9d4368bbfff24a4ad7fd536410916 (Patch)
- https://github.com/langfuse/langfuse/pull/13027 (Issue Tracking, Patch)
- https://github.com/langfuse/langfuse/pull/13055 (Issue Tracking, Patch)
- https://github.com/langfuse/langfuse/releases/tag/v3.167.0 (Release Notes)
- https://github.com/langfuse/langfuse/security/advisories/GHSA-2524-j966-gfgh (Mitigation, Patch, Vendor Advisory)
FAQ
What is CVE-2026-41487?
CVE-2026-41487 is a role-based access control flaw in the LLM connection update flow of Langfuse, an open source LLM engineering platform, rated CVSS 5.4 (MEDIUM). In versions from 3.68.0 up to but not including 3.167.0, an authenticated user holding only the "member" role in a project could update an existing LLM connection to point at an attacker-controlled baseUrl; Langfuse then reused the stored provider secret for the connection test request and sent it to that endpoint, exposing the plaintext provider API key.
How severe is CVE-2026-41487?
CVE-2026-41487 has been rated MEDIUM with a CVSS base score of 5.4/10. The impact is disclosure of the stored provider API key for the affected LLM connection; exploitation requires an authenticated account that is already a member of the project, which keeps the score in the medium range.
Is there a patch for CVE-2026-41487?
Yes. The issue is fixed in Langfuse 3.167.0; see the vendor advisory (GHSA-2524-j966-gfgh), the release notes for v3.167.0, and the linked commits and pull requests in the references section above. The affected product is Langfuse (vendor: Langfuse), versions 3.68.0 up to but not including 3.167.0.