CVE-2026-6617

🗓️ 20 Apr 2026 07:30:12Reported by VulDBType

Remote server forgery exists in ApiToolManageService get_api_tool_provider_remote_schema for Dify 0.6.9.

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2026-6617	20 Apr 202607:30	–	attackerkb
CNNVD	dify 安全漏洞	20 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-6617 langgenius dify ApiToolManageService api_tools_manage_service.py get_api_tool_provider_remote_schema server-side request forgery	20 Apr 202607:30	–	cvelist
EUVD	EUVD-2026-23805	20 Apr 202609:30	–	euvd
NVD	CVE-2026-6617	20 Apr 202608:16	–	nvd
Positive Technologies	PT-2026-33730	20 Apr 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-6617 langgenius dify ApiToolManageService api_tools_manage_service.py get_api_tool_provider_remote_schema server-side request forgery	20 Apr 202607:30	–	vulnrichment

Vulners

Node

langgenius difyMatch0.6.0

langgenius difyMatch0.6.1

langgenius difyMatch0.6.2

langgenius difyMatch0.6.3

langgenius difyMatch0.6.4

langgenius difyMatch0.6.5

langgenius difyMatch0.6.6

langgenius difyMatch0.6.7

langgenius difyMatch0.6.8

langgenius difyMatch0.6.9

[
  {
    "vendor": "langgenius",
    "product": "dify",
    "versions": [
      {
        "version": "0.6.0",
        "status": "affected"
      },
      {
        "version": "0.6.1",
        "status": "affected"
      },
      {
        "version": "0.6.2",
        "status": "affected"
      },
      {
        "version": "0.6.3",
        "status": "affected"
      },
      {
        "version": "0.6.4",
        "status": "affected"
      },
      {
        "version": "0.6.5",
        "status": "affected"
      },
      {
        "version": "0.6.6",
        "status": "affected"
      },
      {
        "version": "0.6.7",
        "status": "affected"
      },
      {
        "version": "0.6.8",
        "status": "affected"
      },
      {
        "version": "0.6.9",
        "status": "affected"
      }
    ],
    "cpes": [
      "cpe:2.3:a:langgenius:dify:*:*:*:*:*:*:*:*"
    ],
    "modules": [
      "ApiToolManageService"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/358252/cti
gist	www.gist.github.com/chenhouser2025/306c6a7ad6aff9bc9a7fa76d5df38c63
vuldb	www.vuldb.com/vuln/358252
vuldb	www.vuldb.com/submit/792231

29 Apr 2026 01:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 45.3

CVSS 3.16.3

CVSS 26.5

CVSS 36.3

EPSS0.00043

SSVC

CWE-918