CyberSecurityBoardThreat Intel · CVEs · Products
Critical CVEs

CVE-2024-5846: Use-After-Free in PDFium Affecting Dify

June 25, 2026

A use-after-free vulnerability in PDFium, an open-source C++ library for PDF rendering, with a CVSS score of 8.8. It could allow a remote attacker to exploit heap corruption via a crafted PDF file, impacting Dify's file parsing stack.