CVE-2025-49652: BackendAI Missing Authentication for Critical Function

Severity: Critical

CVSS Score: 9.8

Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private data even when registration is disabled.