2 matches found
CVE-2025-32796
creationtimestamp| type| source ---|---|--- 2025-04-18 16:58:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12488 2025-04-18 17:28:23+00:00| seen| https://bsky.app/profile/LLMs.activitypub.awakari.com.ap.brid.gy/post/3ln45djc4qbo2 2025-04-18 19:04:57+00:00| seen|...
CVE-2025-32796 Dify Allows Unauthorized APP Enable/Disable via API
Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users can enable or disable apps through the API, even though the web UI button for this action is disabled and normal users are not permitted to make such changes...