CVE-2025-48491
Project AI Exposed Hardcoded API Key Vulnerability
Description
Project AI is a platform designed to create AI agents. Prior to the pre-beta version, a hardcoded API key was present in the source code. This issue has been patched in the pre-beta version.
INFO
Published Date :
May 30, 2025, 4:15 a.m.
Last Modified :
May 30, 2025, 4:31 p.m.
Source :
[email protected]
Remotely Exploitable :
No
Impact Score :
Exploitability Score :
Affected Products
The following products are affected by CVE-2025-48491
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
No affected product recoded yet
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-48491.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-48491 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2025-48491 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by [email protected]
May. 30, 2025
Action Type Old Value New Value Added Description Project AI is a platform designed to create AI agents. Prior to the pre-beta version, a hardcoded API key was present in the source code. This issue has been patched in the pre-beta version. Added CVSS V4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Added CWE CWE-798 Added Reference https://github.com/aryan6673/project-ai/commit/142252c43f1dacb3fed99e3336f5cd863b028bc2 Added Reference https://github.com/aryan6673/project-ai/commit/1de910f353eb2a68c980149b906e7495459296ad Added Reference https://github.com/aryan6673/project-ai/commit/54a69c3ccd301d35f3d54f4844d9910e609beb73 Added Reference https://github.com/aryan6673/project-ai/commit/7f3b93f9aa9085d5413b4019172b0e56676346d7 Added Reference https://github.com/aryan6673/project-ai/commit/8db90e3d9777850741804533ebde5824b4a5795c Added Reference https://github.com/aryan6673/project-ai/commit/99e0e0718edb0e59c5d3c5a69903b87c69fcfe7a Added Reference https://github.com/aryan6673/project-ai/commit/ab67979a46b0e343dc20a95a2b65d3c4994c31e7 Added Reference https://github.com/aryan6673/project-ai/commit/c1fb156418d98a1e6c60bb680db57e9558785093 Added Reference https://github.com/aryan6673/project-ai/security/advisories/GHSA-8486-vrcp-69rv
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-48491 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-48491
weaknesses.