Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41947 |
|
Vulnerability in dify (CVE-2026-41947)
vulnerability in dify (CVE-2026-41947). Confidential information can be exposed externally.
|
| CVE-2026-41949 |
|
Vulnerability in dify (CVE-2026-41949)
vulnerability in dify (CVE-2026-41949). Confidential information can be exposed externally.
|
| CVE-2026-41948 |
|
Vulnerability in path-traversal (CVE-2026-41948)
vulnerability in path-traversal (CVE-2026-41948). Confidential information can be exposed externally.
|
| CVE-2026-41950 |
|
Vulnerability in langgenius (CVE-2026-41950)
vulnerability in langgenius (CVE-2026-41950). Confidential information can be exposed externally.
|
| CVE-2026-42138 |
|
Cross-Site Scripting (XSS) in langgenius (CVE-2026-42138)
cross-site scripting in langgenius (CVE-2026-42138). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/files/upload`.
|
| CVE-2025-56157 |
|
Vulnerability in langgenius (CVE-2025-56157)
vulnerability in langgenius (CVE-2025-56157). Successful exploitation can lead to full system takeover.
|