Description

Dify version 1.14.1 and prior contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to redirect all messages and responses from victim applications to attacker-controlled LLM trace providers. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.
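As an added illustration (not Dify's own code and not the upstream patch), the following Python sketch models the missing tenant-ownership check described above: a handler that takes the application id as a user-controlled key and checks only the caller's role, next to the hardened form that scopes the lookup to the caller's tenant. All names (`App`, `User`, `APPS`, `Forbidden`, the `set_trace_config_*` functions) and the sample data are hypothetical.

```python
# Added illustration, not Dify's code: tenant-scoped lookup versus an
# unscoped lookup keyed on a caller-supplied app id (CWE-639 pattern).
from dataclasses import dataclass, field


@dataclass
class App:
    app_id: str
    tenant_id: str
    trace_config: dict = field(default_factory=dict)


@dataclass
class User:
    user_id: str
    tenant_id: str
    role: str  # e.g. "editor" or "admin"


class Forbidden(Exception):
    pass


# Constructed sample data: two tenants, one application each.
APPS = {
    "app-victim": App("app-victim", "tenant-victim"),
    "app-own": App("app-own", "tenant-attacker"),
}


def _require_editor(user: User) -> None:
    if user.role not in ("editor", "admin"):
        raise Forbidden("editor role required")


def set_trace_config_vulnerable(user: User, app_id: str, config: dict) -> App:
    """Role check only: app_id is trusted as-is, so any tenant's app is reachable."""
    _require_editor(user)
    app = APPS[app_id]  # no tenant scoping on the lookup
    app.trace_config = dict(config, enabled=True)
    return app


def set_trace_config_fixed(user: User, app_id: str, config: dict) -> App:
    """Same role check, but the lookup is bound to the caller's own tenant."""
    _require_editor(user)
    app = APPS.get(app_id)
    if app is None or app.tenant_id != user.tenant_id:
        # Same error for "missing" and "foreign tenant": no existence leak.
        raise Forbidden("app not found in this tenant")
    app.trace_config = dict(config, enabled=True)
    return app
```

The fixed variant is the shape of check to look for in any endpoint that accepts an application id from the request: the query itself should carry the tenant id of the authenticated user, not just a role gate.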

Status: PUBLISHED | Reserved 2026-04-22 | Published 2026-05-18 | Updated 2026-05-18 | Assigner: VulnCheck

CRITICAL: 9.1 (CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)

HIGH: 7.4 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

Problem types

Authorization Bypass Through User-Controlled Key

Product status

Default status: affected

Any version: affected

Credits

Ido Shani and Gal Zaban of Zafran Security (finder)

References

huntr.com/bounties/a43076b2-fbc8-4750-9647-89a036b52f52 (technical-description, exploit)

github.com/langgenius/dify/pull/35793 (issue-tracking, patch)

www.vulncheck.com/...ypass-via-trace-configuration-endpoints (third-party-advisory)

cve.org (CVE-2026-41947)

nvd.nist.gov (CVE-2026-41947)
