Description
A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle in the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. Manipulating the argument url can lead to server-side request forgery. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-20
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery
Action: Patch
AI Analysis

Impact

A flaw exists in the parse_openai_plugin_json_to_tool_bundle function of the ApiBasedToolSchemaParser component in langgenius dify. Manipulating the URL argument that the function receives can cause the vulnerable server to issue arbitrary outbound requests, allowing an attacker to access internal resources or reach external systems. This vulnerability is identified as CWE‑918 and can potentially compromise confidentiality and availability by enabling an attacker to exfiltrate data or pivot to other systems.

Affected Systems

The affected product is langgenius dify, versions up to and including 1.13.3. All releases before or equal to 1.13.3 are vulnerable; newer versions are presumed to be fixed.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. No EPSS score is available, and the vulnerability is not listed in CISA KEV. The attack vector is remote; the flaw can be triggered via HTTP requests that pass a crafted URL parameter to the vulnerable function. An exploit has been published, meaning an attacker can already engineer the SSRF scenario without needing custom tooling.

Generated by OpenCVE AI on April 20, 2026 at 09:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade langgenius dify to a version later than 1.13.3 when an official patch is released.
  • If an immediate upgrade is not feasible, restrict the server’s outbound network access or configure firewall rules to block unexpected HTTP/HTTPS traffic from the application process.
  • Validate and sanitize any user‑supplied URL parameters before they are used by the parser, ensuring only allowed domains or IP ranges are accepted.
  • Monitor system logs for unusual outbound requests and investigate any incidents promptly.
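
An added illustration of the third recommendation above (validating a user-supplied URL before the server fetches it). This is example code written for this page, not dify's parser or any vendor fix; the allow-list, the injectable resolver and the sample hosts are assumptions.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

def resolve_host(hostname):
    """Resolve with the system resolver; returns the set of addresses."""
    return {info[4][0] for info in socket.getaddrinfo(hostname, None)}

def is_safe_outbound_url(url, allowed_hosts=None, resolver=resolve_host):
    """True only if `url` may be fetched server-side.

    Rejects non-http(s) schemes, embedded credentials, hosts outside
    `allowed_hosts` (when given), and any host resolving to a non-public
    address (loopback, RFC 1918, link-local, multicast, reserved), also in
    IPv4-mapped IPv6 form. `resolver` is injectable so tests run offline.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    if parts.username or parts.password:
        return False  # http://user@host/ forms are a classic parser-confusion trick
    host = parts.hostname
    if not host or (allowed_hosts is not None and host.lower() not in allowed_hosts):
        return False
    try:
        ipaddress.ip_address(host)      # IP literal: no lookup needed
        addrs = {host}
    except ValueError:
        try:
            addrs = set(resolver(host))  # hostname: check every address it maps to
        except OSError:
            return False
    if not addrs:
        return False
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
            ip = ip.ipv4_mapped          # judge ::ffff:127.0.0.1 as 127.0.0.1
        if not ip.is_global:
            return False
    return True
```

The lookup here and the later fetch are separate resolutions, so a deployment that worries about DNS rebinding should also pin the connection to the validated address and disable redirects; treat this check as one layer alongside the egress filtering in the second bullet.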

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 08:45:00 +0000 (values added; no values removed)

Description: A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle of the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. Executing a manipulation of the argument url can lead to server-side request forgery. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title: langgenius dify ApiBasedToolSchemaParser parser.py parse_openai_plugin_json_to_tool_bundle server-side request forgery
First Time appeared: Langgenius; Langgenius dify
Weaknesses: CWE-918
CPEs: cpe:2.3:a:langgenius:dify:*:*:*:*:*:*:*:*
Vendors & Products: Langgenius; Langgenius dify
References: (none listed)
Metrics:
  cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
  cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
  cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
  cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-20T07:45:16.985Z

Reserved: 2026-04-19T16:18:39.660Z

Link: CVE-2026-6618

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-20T09:16:09.607

Modified: 2026-04-20T09:16:09.607

Link: CVE-2026-6618

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T14:30:08Z

Weaknesses