Cybersecurity researchers at Zafran Security have disclosed four vulnerabilities in Dify, an open-source agentic workflow platform with over 146,000 GitHub stars, collectively…
AI SecurityCloud SecurityCVE-2024-5846CVE-2026-11645
A critical authorization bypass vulnerability (CVSS 9.1) in Dify that allows authenticated editor users to set and enable trace configurations for any…
A critical path traversal vulnerability (CVSS 9.4) in Dify that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal…
An authorization bypass vulnerability (CVSS 7.5/5.9) in Dify's file preview endpoint that allows any authenticated user to read up to 3,000 characters…
Dify is an open-source agentic workflow platform with over 146,000 GitHub stars. It was found to have multiple vulnerabilities (DifyTap) allowing cross-tenant…
Dify was identified as a relevant cybersecurity entity in recently ingested reporting. This profile is generated so related cyber news, CVEs, malware,…