Unrated severityNVD Advisory· Published Jul 7, 2025· Updated Jul 7, 2025

Unsanitized Input in langgenius/dify

CVE-2025-3466

Description

langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictions are imposed. This can lead to unauthorized access to secret keys, internal network servers, and lateral movement within dify.ai. The issue is resolved in version 1.1.3.

Affected products

Langgenius/Difyllm-fuzzy
Range: 1.1.0 - 1.1.2
langgenius/langgenius/difyv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/langgenius/dify/commit/1be0d26c1feb4bcbbdd2b4ae4eeb25874aadaddbmitre
huntr.com/bounties/f8dc17a3-5536-4944-a680-24070903cd2dmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000