{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T11:33:40.439","vulnerabilities":[{"cve":{"id":"CVE-2025-1796","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:54.157","lastModified":"2025-07-16T15:15:54.623","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in langgenius\/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses `random.randint` for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application."},{"lang":"es","value":"Una vulnerabilidad en langgenius\/dify v0.10.1 permite a un atacante tomar el control de cualquier cuenta, incluidas las de administrador, explotando un generador de números pseudoaleatorios (PRNG) débil, utilizado para generar códigos de restablecimiento de contraseña. La aplicación utiliza `random.randint` para este propósito, que no es apto para uso criptográfico y puede ser descifrado. Un atacante con acceso a herramientas de flujo de trabajo puede extraer la salida del PRNG y predecir futuros códigos de restablecimiento de contraseña, lo que compromete completamente la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-338"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:langgenius:dify:0.10.1:*:*:*:*:node.js:*:*","matchCriteriaId":"BBCA5D7F-39A8-4B8F-9DFF-383365E0AFCD"}]}]}],"references":[{"url":"https:\/\/huntr.com\/bounties\/a60f3039-5394-4e22-8de7-a7da9c6a6e00","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]}]}}]}