CVE-2025-3466

High CVSS: 7.2

langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictions are imposed. This can lead to unauthorized access to secret keys, internal network servers, and lateral movement within dify.ai. The issue is resolved in version 1.1.3.

Vendor

Langgenius

Product

Dify

CWE

CWE-1100

Yayın Tarihi

2025-07-07 10:15:27

Güncelleme

2025-07-10 15:01:31

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-1100 Dify HIGH Langgenius 2025

Referanslar

https://github.com/langgenius/dify/commit/1be0d26c1feb4bcbbdd2b4ae4eeb25874aadaddb https://huntr.com/bounties/f8dc17a3-5536-4944-a680-24070903cd2d

Benzer Kayıtlar

High

CVE-2025-63387

Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to th…

Critical

CVE-2025-56157

Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file inclu…

Critical

CVE-2025-63386

A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup en…

Critical

CVE-2025-63388

A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/system-f…

Medium

CVE-2025-11750

In langgenius/dify-web version 1.6.0, the authentication mechanism reveals the existence of user accounts by returning d…

Low

CVE-2025-58747

Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable t…