lunary-ai / lunary
Project repository
The production toolkit for LLMs. Observability, prompt management and evaluations.
Response targets: first interaction within 5 days, review within 28 days, fix within 81 days.
Reports (fields the listing does not show for a report are marked with a dash)

Title | Date | Reporter | Status | Severity | Bounty | CVE
----- | ---- | -------- | ------ | -------- | ------ | ---
SQL Injection bypass in /api/v1/external-users Route | May 26th 2025 | sahiloj | self closed | - | - | -
Stored XSS via Citation URLs | May 30th 2025 | sahiloj | spam | - | - | -
Unauthenticated Stored XSS via dangerouslySetInnerHTML | May 23rd 2025 | codevigilanteofficial | - | Critical | - | CVE-2025-4779
Cross-Site Scripting (XSS) via dangerouslySetInnerHTML in Lunary | Feb 26th 2025 | captain-n3m0 | self closed | - | - | -
IDOR Vulnerabilities in /v1/providers Lunary API | May 15th 2025 | sharokhataie | not applicable | - | - | -
Attacker is able to read and update information from victims dashboard | Jan 3rd 2025 | brotheralameen1 | spam | - | - | -
When logout, session is not handled properly. | Jan 6th 2025 | webbdays | spam | - | - | -
Reintroduced CSRF on login endpoint | Jan 6th 2025 | patrik-ha | informative | Medium | - | -
Stored Cross-Site Scripting (XSS) via SAML IdP XML Injection | Feb 15th 2025 | sharokhataie | - | High | $450 | CVE-2025-0281
The inviter can verify the email of invitee with the join token. | Jan 6th 2025 | webbdays | spam | - | - | -
Anyone can access another user's /usage data given they know the org id of the user... | Jan 6th 2025 | webbdays | spam | - | - | -
There is no rate limit and auth for /send-verification API | Nov 17th 2024 | webbdays | not applicable | - | - | -
Email Bombing Vulnerability in `Send Verification Email` Endpoint | Nov 16th 2024 | sharokhataie | duplicate | High | - | -
Improper access of prompt data by another user. | Feb 14th 2025 | webbdays | - | High | $450 | CVE-2024-11300
Lack of unique constraint validation allows overwriting evaluators | Feb 13th 2025 | antonin36330 | - | Medium | $75 | CVE-2024-11301
test | Nov 16th 2024 | particle-ioa | spam | - | - | -
IDOR Vulnerability in PATCH `/v1/runs/:id/score` Endpoint Allows Unauthorized Sc... | Feb 12th 2025 | sharokhataie | - | High | $450 | CVE-2024-11137
Lack of proper access control on endpoint to delete evaluators | Jan 30th 2025 | antonin36330 | - | High | $450 | CVE-2024-10762
Missing access control on endpoint to list all evaluations in lunary-ai/lunary | Jan 21st 2025 | antonin36330 | - | Medium | $75 | CVE-2024-10330
Improper Role Modification by Admins for Billing Permissions | Jan 17th 2025 | antonin36330 | - | High | $450 | CVE-2024-10275
Lack of access control on /users/me/org endpoint | Jan 17th 2025 | antonin36330 | - | Medium | $75 | CVE-2024-10274
Bypass Vulnerability - Adding Users to a Free Plan Team Without Invite Privilege... | Oct 23rd 2024 | sharokhataie | not applicable | - | - | -
Race Condition Leading to Adding More Than 3 Projects for a Free Plan Organizati... | Oct 5th 2024 | sharokhataie | duplicate | High | - | -
Improper Privilege Management Allows Viewer Role to Modify Owner’s Models | Jan 1st 2025 | sharokhataie | - | Medium | $75 | CVE-2024-10273
IDOR- allow view any prompts in any projects | Oct 3rd 2024 | testtttpv1 | duplicate | High | - | -
Broken Access Control | Dec 28th 2024 | 0ozero0 | - | High | $540 | CVE-2024-10272
Exposure of private API keys to unauthorized users | Dec 22nd 2024 | antonin36330 | - | High | $450 | CVE-2024-9099
Privilege escalation allows admins to gain access to billing resources | Dec 21st 2024 | antonin36330 | - | High | $450 | CVE-2024-9098
Improper authorization allows low-privilege users to modify checklists | Dec 28th 2024 | antonin36330 | - | High | $450 | CVE-2024-9096
Improper authorization in /bigquery export route | Dec 28th 2024 | antonin36330 | - | Critical | $900 | CVE-2024-9095
ReDoS (Regular Expression Denial of Service) | Dec 18th 2024 | oicu0619 | - | High | $450 | CVE-2024-8998
Unauthorized database export to Google BigQuery | Dec 17th 2024 | antonin36330 | - | Critical | $900 | CVE-2024-8999
Missing access control and duplicate check on checklists POST Endpoint | Dec 17th 2024 | antonin36330 | - | High | $450 | CVE-2024-9000
ReDoS (Regular Expression Denial of Service) | Dec 12th 2024 | oicu0619 | - | High | $450 | CVE-2024-8789
endpoint privilege is not properly checked, leads to unauth attacker visiting sen... | Dec 11th 2024 | oicu0619 | - | High | $450 | CVE-2024-8765
Sensitive api exposed to anyone | Sep 12th 2024 | oicu0619 | informative | Medium | - | -
lunary supports user uploading his own regular expression and running it at server side, wh... | Dec 10th 2024 | oicu0619 | - | High | $450 | CVE-2024-8764
ReDoS (Regular Expression Denial of Service) on lunary | Dec 9th 2024 | oicu0619 | - | High | $450 | CVE-2024-8763
MTA-STS Records not Found | Aug 7th 2024 | vaibhavjain122 | not applicable | - | - | -
SQL injection in the `/api/v1/external-users` route | Nov 1st 2024 | antonin36330 | - | Critical | $900 | CVE-2024-7456
ReDoS through text matching endpoint in Flask ML server | Aug 4th 2024 | patrik-ha | informative | High | - | -
CORS Misconfiguration | Aug 4th 2024 | alicaz | informative | High | - | -
Hyperlink injection on signup | Oct 19th 2024 | vaibhavjain122 | duplicate | Medium | - | -
Unauthorized Email Injection Vulnerability | Oct 8th 2024 | vn-ncvinh | - | Medium | $75 | CVE-2024-7472
IDOR update any prompts | Sep 29th 2024 | meme-dm | - | High | $450 | CVE-2024-7473
IDOR allow view/delete external_user | Sep 29th 2024 | meme-dm | - | Critical | $900 | CVE-2024-7474
Improper Access Control on SAML Configuration | Sep 27th 2024 | mvlttt | - | Critical | $900 | CVE-2024-7475
SSRF | Jul 1st 2024 | mvlttt | informative | High | - | -
CSRF on endpoint for user signup | Sep 11th 2024 | patrik-ha | - | High | $450 | CVE-2024-6862
Business logic, permanent account takeover with endpoint /auth/signup | Jul 17th 2024 | vn-ncvinh | informative | Medium | - | -
Improper reset password token handling allows permanent account takeover | Jul 9th 2024 | vn-ncvinh | duplicate | Medium | - | -
Unauthorized Email Injection Vulnerability | Jul 8th 2024 | vn-ncvinh | not applicable | - | - | -
Project name length not validated | Jul 8th 2024 | kevinkien | informative | High | - | -
Attacker can Add new user to any Project leading to leaked data (eg: datasets,... | Jul 8th 2024 | sofyanmoch | informative | High | - | -
Lack of HTTPS / SSL certificate on Python Flask ML server | Jun 7th 2024 | antonin36330 | informative | High | - | CVE-2024-5388
Flask Python server completely unprotected | Jun 10th 2024 | antonin36330 | informative | High | - | -
Broken access control | Jul 12th 2024 | d47secc | - | Medium | $90 | CVE-2024-6582
IDOR - Unauthenticated User can view any datasets in https://github.com/lunary-a... | Jul 8th 2024 | sofyanmoch | not applicable | - | - | -
Email verification bypass | Jul 17th 2024 | saymenn | informative | Medium | - | -
Improper access control-allow update prompt that is deployed in | Jul 8th 2024 | d47secc | duplicate | Medium | - | -
SSRF in download-idp-xml SAML | May 21st 2024 | d47secc | duplicate | Critical | - | -
Broken access control due to improper implementation of authorization using the... | Jul 3rd 2024 | d47secc | informative | Medium | - | -
Organization Takeover due to incorrect authorization | Jun 24th 2024 | d47secc | informative | High | - | -
Broken access control | May 21st 2024 | d47secc | self closed | - | - | -
Improper project validation, any user can gain access to any project | Jun 20th 2024 | patrik-ha | informative | Critical | - | -
Instantiate enterprise-only roles without enterprise plan | Jun 7th 2024 | patrik-ha | not applicable | - | - | -
Run info leak without valid authorization | Jun 22nd 2024 | patrik-ha | - | Medium | $75 | CVE-2024-6867
Inject log events for any project | May 6th 2024 | patrik-ha | self closed | - | - | -
Account takeover through the invite-functionality for newly registered users | May 3rd 2024 | patrik-ha | - | Medium | $75 | CVE-2024-6087
Lack of pagination when returning evaluation results causes performance issues | Jun 17th 2024 | acciobugs | informative | Medium | - | -
Reuse of invitation join token leads to account takeover | Jun 13th 2024 | thelicato | informative | High | - | -
Incorrect management of projects during user invitation leads to IDOR on other o... | Apr 28th 2024 | thelicato | duplicate | Critical | - | -
Frameable response - potential Clickjacking | Jun 12th 2024 | acciobugs | informative | Medium | - | -
A user can create/get/edit/delete prompt variations for datasets from other orgs | Jun 9th 2024 | acciobugs | - | Medium | $900 | CVE-2024-5389
Organizations can add any number of users via the API without restriction | Jun 10th 2024 | antonin36330 | informative | High | - | CVE-2024-4155
A user can delete prompts from other orgs | Apr 24th 2024 | acciobugs | - | High | $450 | CVE-2024-4147
User can access unauthorized projects from org | Jun 8th 2024 | antonin36330 | - | Critical | $900 | CVE-2024-4146
Evaluation allowance per organization does not go down when a new evaluation is... | Jun 7th 2024 | antonin36330 | not applicable | - | - | CVE-2024-4152
The password reset link does not expire | Jun 2nd 2024 | h2oa | duplicate | High | - | -
Creating account with same email (bypass https://huntr.com/bounties/2ca70ba5-b6a... | Jun 16th 2024 | h2oa | - | Medium | $75 | CVE-2024-5755
ReDoS (Regular Expression Denial of Service) | Jun 1st 2024 | mvlttt | - | High | $450 | CVE-2024-4148
Deleting a dataset doesn't require authentication | Apr 13th 2024 | antonin36330 | duplicate | Critical | - | -
Mail bombing: rate-limit absent on forgot-password page | Nov 14th 2024 | antonin36330 | - | High | $450 | CVE-2024-3760
[reopen] Broken Access Control in "POST /v1/templates/{id}/versions" | Nov 14th 2024 | t1m0n0 | - | Medium | $75 | CVE-2024-7476
XSS in SAML metadata endpoint | May 31st 2024 | monairy | - | High | $450 | CVE-2024-5478
Any role can change Org's name | May 25th 2024 | acciobugs | - | Medium | $75 | CVE-2024-6086
SSRF through backend endpoint auth api | May 25th 2024 | codevigilanteofficial | - | High | $450 | CVE-2024-5328
Prompt editor role has access to full list of Org users | May 24th 2024 | acciobugs | - | Medium | $75 | CVE-2024-5248
Account recovery hashes of users are returned in the responses | Nov 14th 2024 | antonin36330 | - | Critical | $900 | CVE-2024-3502
Single-use tokens of users are returned in the responses | Nov 14th 2024 | antonin36330 | - | Critical | $1080 | CVE-2024-3501
A member can invite/change other users to someone else's project / can change ot... | Jun 7th 2024 | acciobugs | - | High | $540 | CVE-2024-5714
SSRF through backend endpoint auth api | Apr 8th 2024 | codevigilanteofficial | not applicable | - | - | -
Reset password token not invalidated after use | May 23rd 2024 | acciobugs | - | Medium | $75 | CVE-2024-5277
Bypass of server-side project limit allows a free plan user to create more than... | May 22nd 2024 | acciobugs | informative | Medium | - | -
Account takeover - User can change password of any member as recovery token is e... | May 24th 2024 | acciobugs | duplicate | Critical | - | CVE-2024-5133
bypass payment and add more users than limit | Jun 7th 2024 | ranjit-git | not applicable | - | - | CVE-2024-4153
viewer role user can hijack other user account via password reset token leak | Apr 6th 2024 | ranjit-git | - | Critical | $900 | CVE-2024-5386
admin user can promote himself to owner role and can control all over the org | May 23rd 2024 | ranjit-git | informative | High | - | -
A free plan user is able to invite/join more members than the allowed amount | Jun 7th 2024 | acciobugs | informative | Critical | - | CVE-2024-5132
unprivileged user can rename a project | May 21st 2024 | ranjit-git | - | High | $540 | CVE-2024-4154
Improper access control-allow update org user to org owner | May 21st 2024 | fewword | - | High | $450 | CVE-2024-3504
A user from free plan can invite other members assigning them any role and they... | Jun 7th 2024 | acciobugs | informative | Medium | - | CVE-2024-5127
unprivileged user can re-generate private key for project | Nov 14th 2024 | ranjit-git | - | Critical | $900 | CVE-2024-3379
Change user role without upgrading or paying money | Jun 7th 2024 | ranjit-git | not applicable | - | - | CVE-2024-3380
idor bug to change any prompts | May 19th 2024 | sunrisexu | duplicate | High | - | -
Improper access control-allow update prompt that is deployed | May 21st 2024 | fewword | - | High | $450 | CVE-2024-5126
Password hashes of users are returned in the responses | May 25th 2024 | acciobugs | duplicate | Medium | - | CVE-2024-3381
IDOR- allow to view any result in any evaluations/projects | May 20th 2024 | fewword | duplicate | High | - | -
IDOR- allow view/update/delete any dataset_prompt/dataset_prompt_variation in an... | May 20th 2024 | fewword | - | Critical | $1440 | CVE-2024-5128
Privilege Escalation Vulnerability to delete any datasets | May 20th 2024 | fewword | - | High | $450 | CVE-2024-5129
IDOR- allow view/update any prompts in any projects | May 20th 2024 | fewword | - | High | $450 | CVE-2024-4151
IDOR- allow view any prompts in any projects | May 20th 2024 | fewword | - | High | $450 | CVE-2024-5131
Unauthenticated delete any dataset | May 20th 2024 | meme-dm | - | High | $450 | CVE-2024-5130
Missing Authorization on Delete Datasets | May 20th 2024 | thelicato | - | Critical | $900 | CVE-2024-3761
reuse of old session to change organization name | Apr 8th 2024 | surayp | - | High | $540 | CVE-2024-1902
Get the result of any org's evaluation | Apr 16th 2024 | antonin36330 | - | High | $900 | CVE-2024-1738
creating account with same email | Apr 16th 2024 | surayp | - | High | $540 | CVE-2024-1739
removed user from an org can read/create/modify/delete logs | Apr 7th 2024 | ranjit-git | - | Critical | $1620 | CVE-2024-1740
Member can read/create/modify/delete templates even after removed from organizat... | Apr 7th 2024 | ranjit-git | - | Critical | $1800 | CVE-2024-1741
Create evaluation without paying money | Jun 7th 2024 | ranjit-git | not applicable | - | - | CVE-2024-1665
Create radar without paying money | Jun 7th 2024 | ranjit-git | not applicable | - | - | CVE-2024-1666
idor bug to delete any org project | Apr 3rd 2024 | ranjit-git | - | High | $1080 | CVE-2024-1625
bypass payment and create more projects than limit without paying extra money | Jun 7th 2024 | ranjit-git | not applicable | - | - | CVE-2024-1599
idor bug to delete any org project | Apr 5th 2024 | ranjit-git | not applicable | - | - | -
idor bug to change any org project | Apr 16th 2024 | ranjit-git | - | Critical | $1080 | CVE-2024-1626
join any organization and read/modify all data | Apr 5th 2024 | ranjit-git | - | Critical | $1080 | CVE-2024-1643
Current bounty per severity

Severity | Bounty
-------- | ------
Critical | $0
High | $0
Medium | $0
Low | $0