Lucene search
K

317 matches found

Nuclei
Nuclei
added 10 hours ago65 views

Dify v1.6.0 - Server-Side Request Forgery

Dify v1.6.0 contains a server side request forgery caused by improper validation in controllers.console.remotefiles.RemoteFileUploadApi, letting attackers make arbitrary requests from the server, exploit requires network access. id: CVE-2025-56520 info: name: Dify v1.6.0 - Server-Side Request...

5.3CVSS6.2AI score0.00649EPSS
Exploits1References2
Nuclei
Nuclei
added 10 hours ago88 views

Dify v1.9.1 - Broken Access Control

Dify v1.9.1 contains an insecure permissions vulnerability caused by lack of authorization checks in /console/api/system-features endpoint, letting unauthenticated attackers access sensitive system configuration data. id: CVE-2025-63387 info: name: Dify v1.9.1 - Broken Access Control author:...

7.5CVSS6.1AI score0.28042EPSS
Exploits0References1
Nuclei
Nuclei
added 10 hours ago69 views

Dify User Enumeration via Observable Response Discrepancy

Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registered with Dify. Version 1.9.0 fixes the issue. id: CVE-2026-28288 info: name: Dify User Enumeratio...

6.9CVSS6.1AI score0.00635EPSS
Exploits1References2
NVD
NVD
added 3 days ago7 views

CVE-2026-61461

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the searchbyfulltext method without escaping or parameterization. Attackers can inject malicious SQL throu...

8.8CVSS0.00357EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42973

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the searchbyfulltext method without escaping or parameterization. Attackers can inject malicious SQL throu...

8.8CVSS6.3AI score0.00357EPSS
Exploits0References5
CVE
CVE
added 3 days ago14 views

CVE-2026-61461

Summary: CVE-2026-61461 affects Dify before 1.16.0-rc1, where the MyScale vector store backend is vulnerable to SQL injection via the search_by_full_text method due to unsanitized, unparameterized search parameters. This can allow an attacker to read, modify, or delete data in the underlying Clic...

8.8CVSS6.3AI score0.00357EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-61461 Dify < 1.16.0-rc1 SQL Injection via MyScale Vector Store search_by_full_text

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the searchbyfulltext method without escaping or parameterization. Attackers can inject malicious SQL throu...

8.8CVSS0.00357EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.12 views

CVE-2026-6617

A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function getapitoolproviderremoteschema of the file api/services/tools/apitoolsmanageservice.py of the component ApiToolManageService. Performing a manipulation of the argument url results in server-side...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.10 views

CVE-2026-6619

A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePreview. The manipulation of the argument filename leads to cross site scripting. The attack may be...

5.1CVSS3.7AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.8 views

CVE-2026-42138

Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/files/upload, which requires authentication through the application API, is also vulnerable. This...

6.9CVSS5.4AI score0.00235EPSS
Exploits1References1
NVD
NVD
added 2026/05/18 3:16 p.m.12 views

CVE-2026-41948

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

9.4CVSS0.00509EPSS
Exploits1References4
NVD
NVD
added 2026/05/18 3:16 p.m.14 views

CVE-2026-41947

Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to...

9.3CVSS0.00453EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/05/18 1:52 p.m.9 views

CVE-2026-41949

Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/05/18 1:52 p.m.54 views

CVE-2026-41949 Dify < 1.14.2 Authorization Bypass via File Preview Endpoint

Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS0.00435EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/18 1:52 p.m.52 views

EUVD-2026-30774

Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References3
CVE
CVE
added 2026/05/18 1:52 p.m.34 views

CVE-2026-41949

Dify v1.14.1 (and earlier) contains an authorization bypass in the file preview endpoint. An authenticated user can read up to 3,000 characters from any uploaded document across tenants/workspaces by using only the file UUID via /console/api/files/{file_id}/preview. The note that Dify Cloud allow...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/18 1:50 p.m.25 views

CVE-2026-41948 Dify v1.14.1 Path Traversal via Plugin Daemon Internal API Access

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

9.4CVSS5.8AI score0.00509EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/18 1:50 p.m.8 views

CVE-2026-41948

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

9.2CVSS5.8AI score0.00509EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/18 1:50 p.m.12 views

EUVD-2026-30771

Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencod...

9.2CVSS5.8AI score0.00509EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/18 1:48 p.m.33 views

CVE-2026-41947 Dify < 1.14.2 Authorization Bypass via Trace Configuration Endpoints

Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to...

9.3CVSS5.8AI score0.00453EPSS
Exploits1References6
Rows per page
Query Builder