PT-2024-37122 · Lunary Ai · Lunary

Published: 2024-06-27 · Updated: 2024-09-19 · CVE-2024-5755

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions <=v1.2.11
Description: The issue allows an attacker to bypass email validation by using a dot character ('.') in the email address, enabling the creation of multiple accounts with essentially the same email address. This can lead to incorrect synchronization and potential security issues.
Recommendations: For versions <=v1.2.11, update to a version greater than v1.2.11 to prevent email validation bypass. As a temporary workaround, consider restricting the use of dot characters in email addresses to minimize the risk of exploitation.
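
One way to enforce uniqueness on a canonical form of the address instead of the raw string, as an added example that is not Lunary's code or its fix. It assumes the equivalence comes from mail providers that ignore dots in the local part (Gmail does); `canonicalEmail`, `AccountStore` and the domain set are hypothetical names, and the sample addresses are constructed.

```javascript
// Added example, not Lunary's code. Canonicalise an address before the
// uniqueness check so dotted variants of one mailbox map to one key.

// Assumption: domains whose provider ignores dots in the local part.
// Gmail does; extend this set only for providers you have confirmed.
const DOT_INSENSITIVE_DOMAINS = new Set(["gmail.com", "googlemail.com"]);

function canonicalEmail(input) {
  if (typeof input !== "string") throw new TypeError("email must be a string");
  // Assumption: addresses are compared case-insensitively.
  const email = input.trim().toLowerCase();
  const at = email.lastIndexOf("@");
  // Reject whitespace, an empty local part or an empty domain.
  if (at <= 0 || at === email.length - 1 || /\s/.test(email)) {
    throw new Error("malformed email address");
  }
  let local = email.slice(0, at);
  let domain = email.slice(at + 1);
  if (DOT_INSENSITIVE_DOMAINS.has(domain)) {
    local = local.replace(/\./g, "");
    if (local.length === 0) throw new Error("malformed email address");
    domain = "gmail.com"; // googlemail.com is an alias of gmail.com
  }
  return `${local}@${domain}`;
}

// Hypothetical in-memory account store keyed on the canonical form.
// In a real service this is a UNIQUE column next to the address as typed.
class AccountStore {
  constructor() { this.byCanonical = new Map(); }

  signup(email) {
    const key = canonicalEmail(email);
    if (this.byCanonical.has(key)) {
      return { ok: false, reason: "duplicate", existing: this.byCanonical.get(key) };
    }
    this.byCanonical.set(key, email); // keep the typed address for delivery
    return { ok: true, canonical: key };
  }
}

// Constructed sample input: three spellings of one Gmail mailbox, then two
// distinct mailboxes on a domain where dots are significant.
const store = new AccountStore();
const results = ["user123@gmail.com", "user.123@gmail.com", "U.ser123@GoogleMail.com",
                 "user.123@example.org", "user123@example.org"].map((e) => store.signup(e));
console.log(results.map((r) => (r.ok ? "created" : `rejected (${r.reason})`)));
```

Dots are stripped only for the listed domains, so addresses at other providers, where `a.b` and `ab` can be different mailboxes, are left distinct.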

Related Identifiers: CVE-2024-5755
Affected Products: Lunary