Skip to main content
Dify Logo/Enterprise

api-insecure Security Scan

View Release Notes
Securityv3.9.3Generated 2026-05-08 08:29:48 UTC
Critical
2 found
High
16 found
Scan Date
May 08, 2026

Scanner: Docker Scout

Critical vulnerabilities: 2

High vulnerabilities: 10

Critical

CVEPackageInstalledFixedDescription
CVE-2026-33186grpc1.77.01.79.3CVE-2026-33186: Improper Authorization
CVE-2025-68121stdlib1.25.51.25.7CVE-2025-68121

High

CVEPackageInstalledFixedDescription
CVE-2026-24051sdk1.38.01.40.0CVE-2026-24051: Untrusted Search Path
CVE-2026-39883sdk1.38.01.43.0CVE-2026-39883: Untrusted Search Path
CVE-2024-23342ecdsa0.19.1not fixedCVE-2024-23342: Observable Discrepancy
CVE-2025-61726stdlib1.25.51.25.6CVE-2025-61726
CVE-2026-25679stdlib1.25.51.25.8CVE-2026-25679
CVE-2026-29181otel1.38.01.41.0CVE-2026-29181: Uncontrolled Resource Consumption
CVE-2026-32280stdlib1.25.51.25.9CVE-2026-32280
CVE-2026-32281stdlib1.25.51.25.9CVE-2026-32281
CVE-2026-32283stdlib1.25.51.25.9CVE-2026-32283
CVE-2026-41602thrift0.22.00.23.0CVE-2026-41602: Integer Overflow or Wraparound
© 2026 Dify All rights reserved.Enterprise release information is confidential. Do not distribute externally.
Documentation
Support
Contact