CVE-2025-65107 | Langfuse up to 2.95.11/3.130.x URL cross-site request forgery (GHSA-w9pw-c549-5m6w)

A vulnerability, which was classified as problematic, has been found in Langfuse up to 2.95.11/3.130.x. Affected is an unknown function of the component URL Handler. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2025-65107. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More