CVE-2025-63386 | Dify 1.9.1 Endpoint /console/api/setup access control

December 18, 2025 Yanac

A vulnerability marked as critical has been reported in Dify 1.9.1. This affects an unknown part of the file /console/api/setup of the component Endpoint. Performing manipulation results in improper access controls.

This vulnerability was named CVE-2025-63386. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-64461 | NI LabVIEW up to 22.3.6/23.3.7/24.3.4/25.3.2 mgocre_SH_25_3!RevBL out-of-bounds write
CVE-2025-68323 | Linux Kernel up to 6.17.12/6.18.1 usb gaokun_ucsi_probe use after free