9 matches found
CVE-2025-0184
CVE-2025-0184 describes an SSRF in langgenius/dify around the DOCX upload in the Create Knowledge flow (v0.10.2). The vulnerability triggers when a DOCX’s external relationship uses a reltype value fetched via the requests module instead of the SSRF proxy, enabling an attacker with access to the ...
CVE-2025-32795
CVE-2025-32795 affects Dify, an open-source LLM app development platform. Prior to version 0.6.12, a misconfigured access control allowed normal/non-admin users to edit app details (names, descriptions, icons) despite not having permission to view apps, compromising integrity. Root cause: insuffi...
CVE-2025-32790
CVE-2025-32790 affects Dify versions 0.6.8 and earlier. The vulnerability allows normal users to export APP DSL via the /export feature due to insufficient access control. Root cause: improper permission checks enabling export without admin privileges. Documented impacts indicate potential exposu...
CVE-2025-43862
CVE-2025-43862 relates to Dify, an open-source LLM app development platform. Prior to version 0.6.12, a normal (non-admin) user could access and modify APP orchestration despite UI restrictions, due to an access-control flaw. This could allow unauthorized access and changes to APPs. The issue is ...
CVE-2026-41950
CVE-2026-41950 affects Dify before version 1.14.0. An authorization bypass in the chat-messages flow allows an authenticated user to read full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in the files array of a chat-messages request. The ro...
CVE-2024-11824
CVE-2024-11824 is a stored XSS in langgenius/dify (chat log functionality). The issue arises because certain HTML tags, such as and , are not disallowed, enabling an attacker to inject malicious HTML via prompts. When an admin views the compromised log, credentials or sensitive information could...
CVE-2025-3467
CVE-2025-3467 is a stored/reflected XSS in langgenius/dify before 1.1.3 that specifically affects Firefox. The vulnerability allows an attacker to exfiltrate the administrator’s token by injecting a payload in a published chat; when the admin views the conversation via the monitoring/log function...
CVE-2025-58747
CVE-2025-58747 affects Dify up to version 1.9.1, where the MCP OAuth flow passes the remote server’s authorization_url directly to window.open without validation, enabling arbitrary JavaScript execution (XSS) when a victim connects to a malicious MCP server. Affected component: MCP OAuth in Dify....
CVE-2026-42138
CVE-2026-42138 affects Dify (open-source LLM app development platform). Before v1.13.1, an SVG upload via POST /api/files/upload allowed unauthenticated XSS, and POST /v1/files/upload was also vulnerable when authenticated. The issue is patched in v1.13.1. Impact is stored XSS; remediation is upg...