CVE-2025-49651: 
Python vulnerability analysis and mitigation

Missing Authorization in Lablup's BackendAI allows attackers to takeover all active sessions, enabling unauthorized access, theft, or alteration of any data accessible in the session. This vulnerability affects all current versions of BackendAI and was discovered in June 2025. The vulnerability has been assigned CVE-2025-49651 with a CVSS v3.1 base score of 8.1 (HIGH) (HiddenLayer Report, NVD).

The vulnerability is classified as CWE-862 (Missing Authorization). When a user starts an interactive session, a web terminal gets exposed to a random port. The vulnerability allows attackers to scan ports until they find an open interactive session and access it without any authorization or prior authentication. The CVSS v3.1 vector string is CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, high attack complexity, no privileges required, and high impact on confidentiality, integrity, and availability (HiddenLayer Report).

The vulnerability allows unauthorized access to active sessions, enabling attackers to access, steal, or alter any data accessible within the session. This includes potential access to sensitive models, code, and other session data. The impact is particularly severe as it affects all versions of BackendAI and could lead to complete session takeover (HiddenLayer Report, Wiz).

As of the vulnerability disclosure on June 9, 2025, no official fixes or workarounds have been published. The vendor was contacted on March 28, 2025, and acknowledged working on actions for the vulnerability on April 21, 2025, but no further updates were provided (HiddenLayer Report).