Cyber Resilience

CVE-2024-9096

HighPublic PoC

Published: 20 March 2025

Published
20 March 2025
Modified
15 October 2025
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
EPSS Score 0.0014 34.7th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-9096 is a high-severity Missing Authorization (CWE-862) vulnerability in Lunary Lunary. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Stored Data Manipulation (T1565.001); ranked at the 34.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as LLM Application Platforms; in the Other ATLAS/OWASP Terms risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2024-9096 is a missing authorization vulnerability in lunary-ai/lunary version 1.4.28. The /checklists/:id route permits low-privilege users to modify checklists through PATCH requests due to the absence of proper access control middleware, which should restrict modifications to authorized users such as project owners or admins. This issue, mapped to CWE-862, carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).

The vulnerability can be exploited by any user associated with a project, irrespective of their role, who can send a PATCH request to the affected endpoint. Successful exploitation allows modification of checklist data, including slug or other fields, enabling attackers to tamper with essential project workflows, alter business logic, and introduce errors that compromise data integrity.

Mitigation is provided via a patch in the commit at https://github.com/lunary-ai/lunary/commit/a8d7b2959e87c30fbafdb12af7ffa093385dcc60. Additional details on the vulnerability and fix are documented on the Huntr bounty page at https://huntr.com/bounties/653e7109-4c21-4e33-b636-7598d3202b9a.

EU & UK References

Vulnerability details

In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to modify checklists by sending a PATCH request. The route lacks proper access control, such as middleware to ensure that only authorized users (e.g., project owners or admins) can modify…

more

checklist data. This vulnerability allows any user associated with the project, regardless of their role, to modify checklists, including changing the slug or data fields, which can lead to tampering with essential project workflows, altering business logic, and introducing errors that undermine integrity.

CWE(s)

AI Security AnalysisAI

AI Category
LLM Application Platforms
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai, lunary

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1565.001 Stored Data Manipulation Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

The improper access control in the /checklists/:id PATCH endpoint enables low-privilege users to modify stored checklist data (e.g., slug or content), facilitating stored data manipulation to tamper with project workflows and business logic integrity.

CVEs Like This One

CVE-2024-9095Same product: Lunary Lunary
CVE-2024-8999Same product: Lunary Lunary
CVE-2024-9099Same product: Lunary Lunary
CVE-2025-5352Same product: Lunary Lunary
CVE-2025-9803Same product: Lunary Lunary
CVE-2024-8998Same product: Lunary Lunary
CVE-2024-5386Same product: Lunary Lunary
CVE-2026-41192Shared CWE-862
CVE-2026-34256Shared CWE-862
CVE-2024-7767Shared CWE-862

Affected Assets

lunary
lunary
1.4.28

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires enforcement mechanisms like access control middleware to restrict PATCH requests on /checklists/:id to authorized users such as project owners or admins.

prevent

Implements least privilege to ensure low-privilege project users cannot modify checklist data, slugged fields, or workflows.

prevent

Restricts access to modifications of project resources like checklists to defined roles, mitigating unauthorized changes to business logic and integrity.

References