Skip to main content
Dify Logo/Enterprise

plugin_daemon_local Security Scan

View Release Notes
Securityv3.9.1Generated 2026-04-15 07:58:45 UTC
Critical
28 found
High
112 found
Scan Date
Apr 15, 2026

Scanner: Docker Scout

Critical vulnerabilities: 2

High vulnerabilities: 8

Critical

CVEPackageInstalledFixedDescription
CVE-2026-33815v55.5.5not fixedCVE-2026-33815
CVE-2026-33816v55.5.5not fixedCVE-2026-33816

High

CVEPackageInstalledFixedDescription
CVE-2026-24049wheel0.42.00.46.2CVE-2026-24049: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-39883sdk1.41.01.43.0CVE-2026-39883: Untrusted Search Path
CVE-2024-6345setuptools68.1.270.0.0CVE-2024-6345: Improper Control of Generation of Code ('Code Injection')
CVE-2026-32280stdlib1.25.81.25.9CVE-2026-32280
CVE-2026-32281stdlib1.25.81.25.9CVE-2026-32281
CVE-2026-32283stdlib1.25.81.25.9CVE-2026-32283
CVE-2026-34986v44.1.34.1.4CVE-2026-34986: Uncaught Exception
CVE-2025-47273setuptools68.1.278.1.1CVE-2025-47273: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.
Documentation
Support
Contact