{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T03:00:36.595","vulnerabilities":[{"cve":{"id":"CVE-2025-49651","sourceIdentifier":"6f8de1f0-f67e-45a6-b68f-98777fdb759c","published":"2025-06-09T18:15:26.740","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization in Lablup's BackendAI allows attackers to takeover all active sessions; Accessing, stealing, or altering any data accessible in the session. This vulnerability exists in all current versions of BackendAI."},{"lang":"es","value":"La falta de autorización en BackendAI de Lablup permite a los atacantes tomar el control de todas las sesiones activas, accediendo, robando o alterando cualquier dato accesible en la sesión. Esta vulnerabilidad existe en todas las versiones actuales de BackendAI."}],"metrics":{"cvssMetricV31":[{"source":"6f8de1f0-f67e-45a6-b68f-98777fdb759c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"6f8de1f0-f67e-45a6-b68f-98777fdb759c","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://hiddenlayer.com/sai_security_advisor/2025-06-backendai/","source":"6f8de1f0-f67e-45a6-b68f-98777fdb759c"}]}}]}