๐Ÿ” CVE Alert

CVE-2026-61461

HIGH 8.8

Dify < 1.16.0-rc1 SQL Injection via MyScale Vector Store search_by_full_text

CVSS Score
8.8
EPSS Score
0.4%
EPSS Percentile
28th

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the search_by_full_text method without escaping or parameterization. Attackers can inject malicious SQL through the search parameters to read, modify, or delete data in the underlying ClickHouse database.

CWE CWE-89
Vendor langgenius
Product dify
Published Jul 10, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for langgenius dify

Be the first to know when new high vulnerabilities affecting langgenius dify are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

langgenius / dify
0 < 1.16.0-rc1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/langgenius/dify/releases/tag/1.16.0-rc1 github.com: https://github.com/langgenius/dify/issues/38281 github.com: https://github.com/langgenius/dify/pull/38295 github.com: https://github.com/langgenius/dify/commit/d9884efaeea8322706e24c560d2c17e5bf3fab5f vulncheck.com: https://www.vulncheck.com/advisories/dify-rc1-sql-injection-via-myscale-vector-store-search-by-full-text

Credits

YU SUN