Skip to main content
Dify Logo/Enterprise

web Security Scan

View Release Notes
Securityv3.9.2Generated 2026-04-28 05:24:20 UTC
Critical
2 found
High
22 found
Scan Date
Apr 28, 2026

Scanner: Docker Scout

Critical vulnerabilities: 0

High vulnerabilities: 4

Critical

No critical vulnerabilities found.

High

CVEPackageInstalledFixedDescription
CVE-2026-41672xmldom0.8.120.8.13CVE-2026-41672: XML Injection (aka Blind XPath Injection)
CVE-2026-41673xmldom0.8.120.8.13CVE-2026-41673: Uncontrolled Recursion
CVE-2026-41674xmldom0.8.120.8.13CVE-2026-41674: XML Injection (aka Blind XPath Injection)
CVE-2026-41675xmldom0.8.120.8.13CVE-2026-41675: XML Injection (aka Blind XPath Injection)
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.
Documentation
Support
Contact