CNNVD-202512-3445 Information
Dec 18, 2025
cve
CNNVD ID
CNNVD-202512-3445
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
dify是LangGenius开源的一个开源的 LLM 应用程序开发平台。 dify 1.9.1版本存在安全漏洞,该漏洞源于CORS配置不当,可能导致跨域认证请求。
Description (English)
Diffy is an open source LLM application development platform for LangGenius open source. There is a security loophole in version 1.9.1, which stems from the inappropriate configuration of COREs and may lead to cross-domain authentication requests.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
LangGenius
Published
2025-12-18
Last Modified
2026-02-24
References
https://gist.github.com/Cristliu/c2bc7d05abd89db8eb542a453a528d77 https://github.com/langgenius/dify/discussions https://gist.github.com/Cristliu/5ded6d03e41d7d66ecb1b568bae3ff6c https://access.redhat.com/security/cve/cve-2025-63388
Patch
https://github.com/langgenius/dify/releases
Share on: