2 matches found
CVE-2025-32795
creationtimestamp| type| source ---|---|--- 2025-04-18 16:58:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12487 2025-04-18 17:28:23+00:00| seen| https://bsky.app/profile/LLMs.activitypub.awakari.com.ap.brid.gy/post/3ln45dr7jufy2 2025-04-18 19:04:53+00:00| seen|...
CVE-2025-32795 Dify Allows Insecure User Role Access Control for APP Editing
Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users are improperly granted permissions to edit APP names, descriptions and icons. This access control flaw allows non-admin users to modify app details, despite...