Description
Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the /console/api/files/{file_id}/preview endpoint with an intercepted file UUID to extract sensitive content from documents without ownership or workspace permission verification. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.
Published: 2026-05-18
Score: 8.2 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in Dify allows an authenticated user to bypass authorization checks on the file preview endpoint and read up to 3,000 characters of any uploaded document across all tenants and workspaces, exposing sensitive content without ownership or permission verification. This bypass is an information disclosure flaw under CWE-639 (authorization bypass through a user-controlled key), permitting attackers to acquire confidential data through the console API endpoint. The attack relies only on a known file UUID and an ordinary authenticated session, so any confidential document is exposed to any user who can obtain its identifier.

Affected Systems

All installations of Dify by Langgenius running version 1.14.1 or earlier are affected. The issue applies to the file preview API endpoint available to all authenticated users across all tenants and workspaces, regardless of document ownership.

Risk and Exploitability

With a CVSS score of 8.2, the vulnerability is considered high severity. The EPSS score is not available, but the vulnerability can be exploited easily because the file preview endpoint is publicly reachable and any attacker can create a free account on Dify Cloud, allowing them to authenticate and request the preview for any intercepted or guessed file UUID. The lack of a KEV listing suggests no known mass exploitation, yet the straightforward attack path and broad access make it a significant risk for data leakage.

Generated by OpenCVE AI on May 18, 2026 at 15:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Dify to version 1.14.2 or later, which fixes the missing authorization check on the file preview endpoint.
  • Restrict the /console/api/files/{file_id}/preview API to document owners and enforce tenant-level permission checks.
  • Disable anonymous/free registration on Dify Cloud or require identity verification before allowing preview access.
  • Monitor API logs for unusual preview requests from unfamiliar accounts or IP addresses.
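A minimal model of the CWE-639 pattern described above and of the tenant-scoped check recommended in the second action, as an added example that is not Dify's code: the record layout, the handler names and the sample UUIDs are assumptions for illustration.

```python
from dataclasses import dataclass

PREVIEW_LIMIT = 3000  # character cap the advisory gives for the preview


@dataclass(frozen=True)
class StoredFile:
    file_id: str    # UUID the client presents in the URL path
    tenant_id: str  # workspace that uploaded the file
    content: str


@dataclass(frozen=True)
class User:
    user_id: str
    tenant_id: str  # workspace the caller is authenticated into


class NotFound(Exception):
    pass


# Constructed sample store (made-up UUIDs): one file in each of two tenants.
FILES = {
    "0f8c1b3e-1111-4a6b-9c2d-0000000000a1": StoredFile(
        "0f8c1b3e-1111-4a6b-9c2d-0000000000a1", "tenant-a", "A" * 5000),
    "7d2e9f40-2222-4c1a-8e3f-0000000000b2": StoredFile(
        "7d2e9f40-2222-4c1a-8e3f-0000000000b2", "tenant-b", "B" * 100),
}


def preview_vulnerable(store, user, file_id):
    # Advisory pattern: lookup by UUID alone, `user` is never consulted.
    rec = store.get(file_id)
    if rec is None:
        raise NotFound(file_id)
    return rec.content[:PREVIEW_LIMIT]


def preview_hardened(store, user, file_id):
    # Scope the lookup to the caller's tenant. A foreign UUID gets the same
    # NotFound as a missing one, so the endpoint does not act as an oracle
    # for which UUIDs exist in other workspaces.
    rec = store.get(file_id)
    if rec is None or rec.tenant_id != user.tenant_id:
        raise NotFound(file_id)
    return rec.content[:PREVIEW_LIMIT]


def can_preview(handler, user, file_id, store=FILES):
    # True if `handler` lets `user` read `file_id`; compares the two handlers.
    try:
        handler(store, user, file_id)
        return True
    except NotFound:
        return False
```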



Advisories

No advisories yet.

History

Mon, 18 May 2026 16:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Langgenius; Langgenius dify
Vendors & Products | (none) | Langgenius; Langgenius dify

Mon, 18 May 2026 14:30:00 +0000

Type | Values Removed | Values Added
Description | (none) | Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the /console/api/files/{file_id}/preview endpoint with an intercepted file UUID to extract sensitive content from documents without ownership or workspace permission verification. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.
Title | (none) | Dify v1.14.1 Authorization Bypass via File Preview Endpoint
Weaknesses | (none) | CWE-639
References | (none) | (none)
Metrics | (none) | cvssV3_1: {'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}
Metrics | (none) | cvssV4_0: {'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-18T14:07:00.470Z

Reserved: 2026-04-22T18:50:43.622Z

Link: CVE-2026-41949

Vulnrichment

No data.

NVD

Status : Undergoing Analysis

Published: 2026-05-18T15:16:26.137

Modified: 2026-05-18T17:29:01.030

Link: CVE-2026-41949

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-18T15:45:25Z

Weaknesses