Hi, I am looking for a vulnerability/CVE report of the latest Phoenix Server and UI. If one exists, I would appreciate it if you could share it.
It could be possible that there is no official, comprehensive vulnerability or CVE report for the latest Phoenix Server and UI directly available in the provided data sources. However, there are references to security practices and reporting procedures, and some closed issues related to security and dependency upgrades, but no explicit CVE list or vulnerability report is published for the latest version.

For reporting or learning about vulnerabilities, users are encouraged to follow coordinated disclosure by emailing opensource-security@arize.com, as described in the security policy. There are also references to upgrading dependencies (e.g., PostgreSQL) for security reasons, but no detailed CVE enumeration is present in the sources reviewed.

Would you like more detail on how to monitor or report vulnerabilities for Phoenix?

Sources:
- https://github.com/Arize-ai/phoenix/blob/main/packages/phoenix-evals/SECURITY
- https://github.com/Arize-ai/phoenix/blob/main/SECURITY.md

Note: I wasn’t able to find highly relevant data sources, but above are a few potentially relevant links.
Hey Shai K., we in general have all SBOM-related things being tracked by security and have had teams like Yogosha perform security tests, but we don't have a pentest report or anything if that's what you are looking for. All scanning reports like container security etc. should be public. Not sure if that's what you are looking for.
