CVE-2025-67732 is a vulnerability identified in the langgenius Dify platform, an open-source tool for developing large language model (LLM) applications. Before version 1.11.0, Dify's frontend exposes the API key in plaintext to all users, including those without administrative privileges. This exposure violates secure credential management principles and allows unauthorized actors to obtain and reuse the API key. The API key typically grants access to third-party services integrated with Dify, such as cloud-based AI APIs or data providers. Unauthorized use of these keys can lead to quota exhaustion, financial costs, or unauthorized data access. The vulnerability is classified under CWE-200 (Exposure of Sensitive Information) and CWE-522 (Insufficiently Protected Credentials). The CVSS 4.0 score is 8.4 (high), reflecting network attack vector, no authentication required, no user interaction, and high impact on confidentiality and partial impact on integrity. Exploitation does not require user interaction and can be performed remotely by any user with access to the frontend interface. The vulnerability was publicly disclosed in early 2026 and fixed in version 1.11.0 of Dify. No known exploits are currently reported in the wild, but the risk remains significant due to the ease of exploitation and sensitive nature of the exposed credentials.

For European organizations, this vulnerability poses a significant risk, especially those leveraging the Dify platform for AI application development or integrating third-party AI services. Exposure of API keys can lead to unauthorized consumption of third-party service quotas, resulting in service disruptions or unexpected costs. Confidential data accessed via these APIs could be compromised, impacting data privacy compliance under GDPR. Additionally, unauthorized API usage could degrade service integrity and availability, affecting business operations. Organizations relying on AI services for critical functions may face operational delays or reputational damage if attackers misuse exposed credentials. The vulnerability also increases the attack surface for supply chain attacks, as compromised API keys could be used to pivot into other connected systems or services. Given the growing adoption of AI platforms in Europe, the impact could be widespread if not mitigated promptly.

The primary mitigation is to upgrade all instances of Dify to version 1.11.0 or later, where the API key exposure issue is resolved. Organizations should audit their deployments to identify affected versions and enforce immediate patching. Additionally, restrict frontend access to trusted users only, implementing role-based access controls to limit exposure. Rotate all API keys that may have been exposed prior to patching to invalidate compromised credentials. Employ network-level protections such as web application firewalls (WAFs) to monitor and block suspicious API key usage patterns. Implement monitoring and alerting for unusual third-party service consumption to detect potential abuse early. Educate developers and administrators on secure credential management practices, ensuring sensitive keys are never exposed in client-side code. Finally, consider using environment variables or secure vaults for storing API keys, and enforce least privilege principles on API keys to minimize potential damage if compromised.