Vulnerabilities > Exposure of Sensitive Information Through Metadata

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-20	CVE-2024-9099	Exposure of Sensitive Information Through Metadata vulnerability in Lunary 1.4.29 In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. network low complexity lunary CWE-1230	8.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.