313 matches found
CVE-2025-63388
A Cross-Origin Resource Sharing CORS misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/system-features endpoint. The endpoint implements an overly permissive CORS policy that reflects arbitrary Origin headers and sets Access-Control-Allow-Credentials: true, allowing any...
CVE-2025-63387
Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous...
dify 安全漏洞
dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in version 1.5.1 of dify that stems from default credentials and could lead to unauthorized access...
CVE-2025-56157
Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Supplier reports that the Docker configuration does not make PostgreSQL on TCP port 5432 exposed by default in version 1.0.1 or later...
CVE-2025-56157
Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Supplier reports that the Docker configuration does not make PostgreSQL on TCP port 5432 exposed by default in version 1.0.1 or later...
PT-2025-52280
Name of the Vulnerable Software and Affected Versions Dify versions through 1.5.1 Description The software contains default credentials. Specifically, the PostgreSQL username and password are specified in the docker-compose.yaml file included in the source code. Recommendations Versions prior to...
CVE-2025-56157
Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Supplier reports that the Docker configuration does not make PostgreSQL on TCP port 5432 exposed by default in version 1.0.1 or later...
CVE-2025-56157
CVE-2025-56157 affects Dify up to version 1.5.1, where default PostgreSQL credentials are defined in the docker-compose.yaml in the source. The vulnerability arises from hard-coded credentials, with the database (PostgreSQL on port 5432) referenced in the config; supplier notes that the Docker se...
PT-2025-52262
Name of the Vulnerable Software and Affected Versions Dify version 1.9.1 Description A Cross-Origin Resource Sharing CORS misconfiguration exists in the /console/api/setup endpoint. The endpoint has an insecure CORS policy that reflects any Origin header and allows Access-Control-Allow-Credential...
CVE-2025-63387
Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous...
CVE-2025-63387
CVE-2025-63387 affects Dify v1.9.1. An unauthenticated GET request to the endpoint /console/api/system-features bypasses authorization, exposing sensitive system configuration data. This constitutes a broken access control issue described across multiple sources (NVD, nuclei template, VulnCheck K...
CVE-2025-63388
The CVE-2025-63388 entry concerns Dify v1.9.1, specifically the /console/api/system-features endpoint. A misconfigured CORS policy is described as reflecting arbitrary Origin headers and setting Access-Control-Allow-Credentials: true, potentially enabling cross-origin requests to be authenticated...
CVE-2025-63386
CVE-2025-63386 affects Dify v1.9.1, specifically the /console/api/setup endpoint. The vulnerability arises from a misconfigured CORS policy that reflects any Origin header and sets Access-Control-Allow-Credentials: true, allowing arbitrary external domains to make authenticated requests. Impact i...
CVE-2025-11750
In langgenius/dify-web version 1.6.0, the authentication mechanism reveals the existence of user accounts by returning different error messages for non-existent and existing accounts. Specifically, when a login or registration attempt is made with a non-existent username or email, the system...
CVE-2025-11750 User Enumeration via Distinct Error Messages in langgenius/dify-web
In langgenius/dify-web version 1.6.0, the authentication mechanism reveals the existence of user accounts by returning different error messages for non-existent and existing accounts. Specifically, when a login or registration attempt is made with a non-existent username or email, the system...
CVE-2025-11750 User Enumeration via Distinct Error Messages in langgenius/dify-web
In langgenius/dify-web version 1.6.0, the authentication mechanism reveals the existence of user accounts by returning different error messages for non-existent and existing accounts. Specifically, when a login or registration attempt is made with a non-existent username or email, the system...
CVE-2025-11750
CVE-2025-11750 affects langgenius/dify-web version 1.6.0. Multiple connected sources confirm an authentication flaw where login/registration error messages distinguish between non-existent vs. existing usernames or emails (e.g., “account not found”), enabling user enumeration. This can facilitate...
dify 安全漏洞
dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in version 1.6.0 of dify, which stems from the authentication mechanism returning different error messages for non-existing and existing accounts, potentially leading to an...
CVE-2025-58747
Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when a victim connects to an attacker-controlled remote MCP server. The vulnerability exists in the OAuth flow implementation where the authorizationurl...
CVE-2025-58747 Dify MCP OAuth Flow Vulnerable to XSS
Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when a victim connects to an attacker-controlled remote MCP server. The vulnerability exists in the OAuth flow implementation where the authorizationurl...