CNNVD-202512-3420 Information

CNNVD ID

CNNVD-202512-3420

Related CVE

CVE-2025-56157

• CNNVD Published: 2025-12-18

Description (Chinese)

dify是LangGenius开源的一个开源的 LLM 应用程序开发平台。 dify 1.5.1版本存在安全漏洞，该漏洞源于默认凭据，可能导致未经授权访问。

Description (English)

Diffy is an open source LLM application development platform for LangGenius open source. There is a security loophole in version 1.5.1, which is derived from default evidence and may lead to unauthorized access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

LangGenius

Published

2025-12-18

Last Modified

2026-02-24

References

https://gist.github.com/Cristliu/298f51cbc72c45d91632cd0d65aa8161 https://github.com/langgenius/dify http://dify.com https://github.com/langgenius/dify/releases/tag/1.0.1 https://gist.github.com/Cristliu/216ddbadaf3258498c93d408683ecabd https://access.redhat.com/security/cve/cve-2025-56157

Patch

https://github.com/langgenius/dify/releases