Home

Description

Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in the files array of a chat-messages request. Attackers can exploit insufficient permission verification in the chat-messages endpoints to access files without ownership validation, bypassing workspace separation and signed URL protections to retrieve sensitive file contents through workflow processing.

PUBLISHED Reserved 2026-04-22 | Published 2026-05-05 | Updated 2026-05-06 | Assigner VulnCheck




MEDIUM: 6.0CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-639 Authorization Bypass Through User-Controlled Key

Product status

Default status
affected

Any version before 1.14.0
affected

Credits

Ido Shani and Gal Zaban of Zafran Security finder

References

huntr.com/bounties/181136ec-d957-4b75-8ea7-6fa7b8abd01d exploit

github.com/langgenius/dify/releases/tag/1.14.0 release-notes patch

huntr.com/bounties/181136ec-d957-4b75-8ea7-6fa7b8abd01d technical-description exploit

www.vulncheck.com/...dify-authorization-bypass-via-file-uuid third-party-advisory

cve.org (CVE-2026-41950)

nvd.nist.gov (CVE-2026-41950)

Download JSON