PT-2025-23241 · Unknown · Project Ai

Aryan6673

·

Publicado

2025-05-30

·

Atualizado

2025-05-30

·

CVE-2025-48491

CVSS v4.0

2.7

Baixa

VetorAV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
Name of the Vulnerable Software and Affected Versions Project AI versions prior to pre-beta
Description The issue concerns a hardcoded API key present in the source code of Project AI, a platform for creating AI agents. This problem has been resolved in the pre-beta version.
Recommendations For versions prior to pre-beta, update to the pre-beta version or later to resolve the issue. As a temporary workaround, consider restricting access to the API until the update is applied.

Exploit

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

CVE-2025-48491
GHSA-8486-VRCP-69RV

Produtos afetados

Project Ai