ZDI-CAN-29196
MEDIUM 5.4
Upcoming
Mar 25, 2026
Dify
Dify is an open-source low-code platform for building AI applications and workflows. This medium-severity vulnerability can be exploited by remote, unauthenticated attackers, but exploitation requires user interaction; it can potentially compromise the confidentiality and integrity of data. Security teams should monitor for patch availability after the July 2026 vendor deadline and prioritize updates for instances exposed to untrusted networks.
Advisory Details
Researcher
David Fiser & Alfredo Oliveira of TrendAI Research
Reported
March 25, 2026
Deadline
July 23, 2026
CVSS Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N