EUVD-2026-23984

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

CVE-2026-34082 Dify has IDOR in deleting someone else's chat conversation

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

LibreChat 安全漏洞

LibreChat is an open-source, free, and highly customizable unified AI conversation platform. It allows for the aggregation and running of large models from any vendor within one interface. Versions of LibreChat prior to 0.8.3-rc1 contained a security vulnerability. This vulnerability stemmed from...

WordPress plugin Kognetiks Chatbot 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... An authorization...