{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26023", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-09T21:36:29.555Z", "datePublished": "2026-02-11T21:23:09.866Z", "dateUpdated": "2026-02-12T21:16:35.748Z"}, "containers": {"cna": {"title": "Client\u2011side DOM XSS in the web chat app of Dify when using echarts", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/langgenius/dify/security/advisories/GHSA-qqjx-5h5w-x5vj", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/langgenius/dify/security/advisories/GHSA-qqjx-5h5w-x5vj"}, {"name": "https://github.com/langgenius/dify/commit/378a1d7d08bd0ac5c75eaadc075a0f35211fcb8e", "tags": ["x_refsource_MISC"], "url": "https://github.com/langgenius/dify/commit/378a1d7d08bd0ac5c75eaadc075a0f35211fcb8e"}, {"name": "https://github.com/langgenius/dify/releases/tag/1.13.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/langgenius/dify/releases/tag/1.13.0"}], "affected": [{"vendor": "langgenius", "product": "dify", "versions": [{"version": "< 1.13.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-11T21:23:09.866Z"}, "descriptions": [{"lang": "en", "value": "Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0."}], "source": {"advisory": "GHSA-qqjx-5h5w-x5vj", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-12T21:16:28.177451Z", "id": "CVE-2026-26023", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T21:16:35.748Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26023", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-12T21:16:28.177451Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T21:16:32.099Z"}}], "cna": {"title": "Client\u2011side DOM XSS in the web chat app of Dify when using echarts", "source": {"advisory": "GHSA-qqjx-5h5w-x5vj", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "langgenius", "product": "dify", "versions": [{"status": "affected", "version": "< 1.13.0"}]}], "references": [{"url": "https://github.com/langgenius/dify/security/advisories/GHSA-qqjx-5h5w-x5vj", "name": "https://github.com/langgenius/dify/security/advisories/GHSA-qqjx-5h5w-x5vj", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/langgenius/dify/commit/378a1d7d08bd0ac5c75eaadc075a0f35211fcb8e", "name": "https://github.com/langgenius/dify/commit/378a1d7d08bd0ac5c75eaadc075a0f35211fcb8e", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/langgenius/dify/releases/tag/1.13.0", "name": "https://github.com/langgenius/dify/releases/tag/1.13.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-11T21:23:09.866Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26023", "state": "PUBLISHED", "dateUpdated": "2026-02-12T21:16:35.748Z", "dateReserved": "2026-02-09T21:36:29.555Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-11T21:23:09.866Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dify:dify:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB2DB277-79E5-4440-A74A-F518A9322D43", "versionEndIncluding": "1.11.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0."}], "id": "CVE-2026-26023", "lastModified": "2026-02-13T15:04:10.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-11T22:15:52.233", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/langgenius/dify/commit/378a1d7d08bd0ac5c75eaadc075a0f35211fcb8e"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/langgenius/dify/releases/tag/1.13.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/langgenius/dify/security/advisories/GHSA-qqjx-5h5w-x5vj"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.13.0)"}}], "product": "dify", "vendor": "langgenius"}], "analysis": {"en": {"generated_at": "2026-04-17T20:09:45.447310+00:00", "value": {"mitigation_remediation": ["Upgrade Dify to version 1.13.0 or newer, which removes the vulnerable echarts handling.", "If upgrading is delayed, disable echarts usage in the chat frontend or remove chart rendering until the patch is applied.", "Apply additional client\u2011side defenses such as a Content Security Policy that blocks inline scripts and restricts script sources, and ensure that any user or LLM input is escaped or sanitized before being passed to echarts."], "summary": {"action": "Patch", "impact": "Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "Affected systems are versions of the Dify open\u2011source LLM application produced by langgenius before release 1.13.0. The flaw resides in the chat frontend code that processes dynamic input. Users running Dify distributions older than 1.13.0 should be aware that any chat interface making use of echarts for graph rendering is vulnerable.", "description_and_impact": "The vulnerability is a client\u2011side DOM XSS flaw in the Dify web chat application that occurs when echarts components are used to render charts. Because the frontend does not properly sanitize or encode user\u2011or\u2011LLM\u2011generated inputs that feed into echarts, an attacker can embed malicious JavaScript payloads that are executed in the browser when the chart is rendered. This flaw is identified as CWE\u201179.", "risk_and_exploitability": "The severity score for this issue is 5.3 on the CVSS v3.1 scale, indicating moderate impact. The probability of exploitation, as suggested by an EPSS score of less than 1%, is very low, and the vulnerability has not been reported as a known exploited vulnerability in the CISA KEV catalog. Exploitation requires an attacker to supply crafted input to the chat interface, typically by influencing a user or LLM to produce code that will be rendered by echarts; the attack vector is client\u2011side and relies on user interaction."}}}}, "created": "2026-02-12T09:03:13.366293+00:00", "updated": "2026-04-17T20:15:27.002536+00:00", "vendors": ["langgenius", "langgenius$PRODUCT$dify"]}