Filter
-Infinity
0

Trending

Last week
Last month
Last year

Versions

0.9.1
1

DifyDIFY vulnerable to Clickjacking Attack

low
2.3
EPSS
0.04%
First published (updated )
CVE-2025-43854

DifyDify Allows Unauthorized Access and Modification of APP Orchestration

high
7.6
EPSS
0.04%
First published (updated )
CVE-2025-43862

DifyDify Allows Unauthorized APP Enable/Disable via API

medium
6.5
EPSS
0.03%
First published (updated )
CVE-2025-32796

DifyDify Allows Insecure User Role Access Control for APP Editing

medium
6.5
EPSS
0.02%
First published (updated )
CVE-2025-32795

DifyDify Allows Insecure User Role Access Control for APP DSL Exporting

medium
6.3
EPSS
0.03%
First published (updated )
CVE-2025-32790

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DifySSRF

medium
4.8
First published (updated )
CVE-2025-29720

DifyServer-Side Request Forgery (SSRF) in langgenius/dify

medium
6.5
First published (updated )
CVE-2025-0184

DifyStored XSS in langgenius/dify

medium
6.8
First published (updated )
CVE-2024-11850

DifyAuthentication Bypass in langgenius/dify

high
8.1
First published (updated )
CVE-2024-12776

DifyCode Injection in langgenius/dify

high
8.8
First published (updated )
CVE-2024-10252

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DifyImproper Restriction of Excessive Authentication Attempts in langgenius/dify

high
7.4
First published (updated )
CVE-2024-12039

DifySSRF in langgenius/dify

medium
6.5
First published (updated )
CVE-2024-12775

DifyServer-Side Request Forgery (SSRF) in langgenius/dify

high
7.5
First published (updated )
CVE-2024-11822

DifyPandas Query Injection in langgenius/dify

high
8.8
First published (updated )
CVE-2025-0185

DifyStored XSS in langgenius/dify

medium
5.8
First published (updated )
CVE-2024-11824

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DifyPrivilege Escalation in langgenius/dify

medium
4.3
First published (updated )
CVE-2024-11821

DifyAdmin account takeover through weak Pseudo-Random number generator used in generating password reset codes in langgenius/dify

high
7.5
First published (updated )
CVE-2025-1796

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203