Dify vulnerabilities
10 known vulnerabilities affecting dify/dify.
Total CVEs
10
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH2MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2025-56520P2MEDIUMCVSS 5.3ExploitedPoCv1.6.02025-09-30
CVE-2025-56520 [MEDIUM] CVE-2025-56520: Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component control
Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. A different vulnerability than CVE-2025-29720.
nvd
CVE-2026-41948P2CRITICALCVSS 9.4≤ 1.14.12026-05-18
CVE-2026-41948 [CRITICAL] CWE-23 CVE-2026-41948: Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users
Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencoded dot sequences in task identifiers or manipulated f
nvd
CVE-2026-41947P3CRITICALCVSS 9.1≤ 1.14.12026-05-18
CVE-2026-41947 [CRITICAL] CWE-639 CVE-2026-41947: Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated
Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to redirect all messages and responses from victim appl
nvd
CVE-2026-28288P3MEDIUMCVSS 5.3PoCfixed in 1.9.02026-02-27
CVE-2026-28288 [MEDIUM] CWE-204 CVE-2026-28288: Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to
Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registered with Dify. Version 1.9.0 fixes the issue.
nvd
CVE-2026-41949P3HIGHCVSS 7.5≤ 1.14.12026-05-18
CVE-2026-41949 [HIGH] CWE-639 CVE-2026-41949: Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoi
Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the /console/api/files/{file_id}/preview endpoint with an intercepted file U
nvd
CVE-2024-11822P3HIGHCVSS 7.5v0.9.12025-03-20
CVE-2024-11822 [HIGH] CWE-918 CVE-2024-11822: langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulne
langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allowing an attacker to make direct requests to internal network services. This can lead to unauthorized access to internal servers and potentially expose sensitive information, inc
nvd
CVE-2025-67732P3MEDIUMCVSS 6.5fixed in 1.11.02026-01-05
CVE-2025-67732 [MEDIUM] CWE-200 CVE-2025-67732: Dify is an open-source LLM app development platform. Prior to version 1.11.0, the API key is exposed
Dify is an open-source LLM app development platform. Prior to version 1.11.0, the API key is exposed in plaintext to the frontend, allowing non-administrator users to view and reuse it. This can lead to unauthorized access to third-party services, potentially consuming limited quotas. Version 1.11.0 fixes the issue.
nvd
CVE-2026-26023P4MEDIUMCVSS 6.1≤ 1.11.42026-02-11
CVE-2026-26023 [MEDIUM] CWE-79 CVE-2026-26023: Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnera
Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0.
nvd
CVE-2026-21866P4MEDIUMCVSS 5.4fixed in 1.11.22026-03-03
CVE-2026-21866 [MEDIUM] CWE-79 CVE-2026-21866: Dify is an open-source LLM app development platform. Prior to 1.11.2, Dify is vulnerable to a stored
Dify is an open-source LLM app development platform. Prior to 1.11.2, Dify is vulnerable to a stored XSS issue when rendering Mermaid diagrams within chats. This occurs because Dify’s default Mermaid configuration uses securityLevel: loose, which allows potentially unsafe content to execute. This vulnerability is fixed in 1.11.2.
nvd
CVE-2026-34082P4MEDIUMCVSS 4.3fixed in 1.13.12026-04-20
CVE-2026-34082 [MEDIUM] CWE-284 CVE-2026-34082: Dify is an open-source LLM app development platform. Prior to 1.13.1, the method `DELETE /console/ap
Dify is an open-source LLM app development platform. Prior to 1.13.1, the method `DELETE /console/api/installed-apps//conversations/` has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue.
nvd