Back to List
TechnologyAIOpen SourceSecurity Update

Claude Relay Service (CRS): Open-Source Unified Proxy for Claude, OpenAI, Gemini, and Droid Subscriptions with Cost Sharing and Critical Security Update

The Claude Relay Service (CRS) is an open-source proxy solution designed to unify access for various AI subscriptions, including Claude, OpenAI, Gemini, and Droid. It enables users to build their own Claude Code mirror and offers a one-stop relay service that supports 'carpooling' for shared access, aiming to efficiently distribute costs. The service also promises seamless integration with native tools. A critical security update has been issued, warning users of versions v1.1.248 and below about a severe administrator authentication bypass vulnerability that allows unauthorized access to the management panel.

GitHub Trending
Share

The Claude Relay Service (CRS) is presented as an open-source, one-stop relay solution that allows users to establish their own Claude Code mirror. This service is designed to unify access for various AI subscriptions, including Claude, OpenAI, Gemini, and Droid, under a single platform. A key feature of CRS is its support for 'carpooling' or shared access, which aims to more efficiently distribute and reduce the costs associated with these subscriptions. The service also emphasizes seamless integration with native tools, suggesting a user-friendly experience.

However, a significant security alert has been issued regarding the CRS. Users are strongly cautioned about a critical vulnerability present in versions v1.1.248 and earlier. This vulnerability is described as a severe administrator authentication bypass, which could allow attackers to gain unauthorized access to the management panel. This highlights the importance for current users to update their installations to a patched version to mitigate potential security risks.

Read Original Article

Related News

Technology

Trivy: Comprehensive Vulnerability, Misconfiguration, Secret, and SBOM Scanner for Containers, Kubernetes, Code Repositories, and Cloud Environments

Trivy, developed by aquasecurity, is a versatile security scanner designed to identify vulnerabilities, misconfigurations, secrets, and generate Software Bill of Materials (SBOMs) across various IT assets. It supports scanning containers, Kubernetes clusters, code repositories, and cloud environments, providing a unified solution for enhancing security posture. The tool aims to help users detect potential security risks efficiently across their development and deployment pipelines.

Technology

Alibaba Introduces OpenSandbox: A Universal AI Application Sandbox Platform for Coding, GUI, and RL Training

Alibaba has launched OpenSandbox, a versatile AI application sandbox platform designed to support various AI development scenarios. This platform offers multi-language SDKs, a unified sandbox API, and leverages Docker/Kubernetes runtimes. OpenSandbox is suitable for applications such as coding agents, GUI agents, agent evaluation, AI code execution, and reinforcement learning (RL) training, providing a comprehensive environment for AI development and deployment.

Technology

Claude Scientific Skills: A Ready-to-Use Agent Toolkit for Research, Science, Engineering, Analysis, Finance, and Writing

K-Dense-AI has released "Claude Scientific Skills," a comprehensive, ready-to-use set of agent skills designed to enhance productivity across various professional domains. This toolkit is specifically tailored for applications in research, scientific endeavors, engineering projects, data analysis, financial operations, and writing tasks. The project, trending on GitHub, aims to provide robust support for professionals seeking to leverage advanced agent capabilities in their work.