CVE-2025-56157 | Dify up to 1.5.1 docker-compose.yaml default credentials

December 18, 2025 Yanac

A vulnerability described as problematic has been identified in Dify up to 1.5.1. This issue affects some unknown processing of the file docker-compose.yaml. The manipulation results in use of default credentials.

This vulnerability is known as CVE-2025-56157. Access to the local network is required for this attack. No exploit is available.VulDB Recent EntriesRead More

CVE-2019-25228 | Kentico Xperience up to 12.0.47 HTTP Header Referer exposure of sensitive system information to an unauthorized control sphere
CVE-2025-62004 | BullWall Server Intrusion Protection 4.6.0.0/4.6.0.6/4.6.0.7/4.6.1.4 toctou