CVE-2025-49651 – Lablup BackendAI Unauthenticated Session Hijacking

CVE ID : CVE-2025-49651

Published : June 9, 2025, 6:15 p.m. | 44 minutes ago

Description : Missing Authorization in Lablup’s BackendAI allows attackers to takeover all active sessions; Accessing, stealing, or altering any data accessible in the session. This vulnerability exists in all current versions of BackendAI.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…