โ† All reports

The function openInNewTab in the ImagePreview component of langgenius dify up to version 1.13.3 contains a vulnerability that can be exploited.

CybersecurityInformation SecurityApr 20, 2026score 0.172 posts ยท 0 replies across 1 instances
The thread discusses two vulnerabilities found in the langgenius dify product, affecting specific functions in different files. These vulnerabilities have been reported with CVSS scores and are relevant to cybersecurity and information security.

Claims

The function openInNewTab in the ImagePreview component of langgenius dify up to version 1.13.3 contains a vulnerability that can be exploited.
Parent: CybersecurityEntity: langgenius difySub-entity: ImagePreview componentImpact: negativeDate: Apr 20, 2026Target: The presence of the vulnerability in the specified component and version of langgenius dify
The function get_api_tool_provider_remote_schema in the ApiToolManageService component of langgenius dify up to version 0.6.9 contains a vulnerability that can be exploited.
Parent: CybersecurityEntity: langgenius difySub-entity: ApiToolManageService componentImpact: negativeDate: Apr 20, 2026Target: The presence of the vulnerability in the specified component and version of langgenius dify

Source posts

@[email protected]
๐Ÿšจ EUVD-2026-23809 ๐Ÿ“Š Score: 5.1/10 (CVSS v3.1) ๐Ÿ“ฆ Product: dify, dify, dify (+1 more) ๐Ÿข Vendor: langgenius ๐Ÿ“… Updated: 2026-04-20 ๐Ÿ“ A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePreview. The manipulation of the argument f... ๐Ÿ”— https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23809 #cybersecurity #infosec #euvd #cve #vulnerability
1 boosts ยท 0 favs ยท 0 replies ยท Apr 20, 2026
#cybersecurity#infosec#euvd#cve#vulnerability
@[email protected]
๐Ÿšจ EUVD-2026-23805 ๐Ÿ“Š Score: 5.3/10 (CVSS v3.1) ๐Ÿ“ฆ Product: dify, dify, dify (+7 more) ๐Ÿข Vendor: langgenius ๐Ÿ“… Updated: 2026-04-20 ๐Ÿ“ A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_remote_schema of the file api/services/tools/api_tools_manage_service.py of the component ApiToolManageService. P... ๐Ÿ”— https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-23805 #cybersecurity #infosec #euvd #cve #vulnerability
1 boosts ยท 0 favs ยท 0 replies ยท Apr 20, 2026
#cybersecurity#infosec#euvd#cve#vulnerability