Description
Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in the files array of a chat-messages request. Attackers can exploit insufficient permission verification in the chat-messages endpoints to access files without ownership validation, bypassing workspace separation and signed URL protections to retrieve sensitive file contents through workflow processing.
Published: 2026-05-05
Score: 6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability allows an authenticated user to read any file uploaded by other users within the same tenant by submitting an arbitrary file identifier to the chat-messages API. The endpoint lacks proper ownership verification and bypasses the intended workspace separation and signed URL authorisation controls. An attacker can therefore retrieve full file contents that should be restricted to the owning user, facilitating disclosure of sensitive information. The weakness is a classic case of insufficient authorization checks, classified as CWE-639.

Affected Systems

Products from the langgenius Dify platform with version numbers earlier than 1.14.0 are affected. No further sub‑version granularity is supplied in the available data.

Risk and Exploitability

The CVSS score of 6 indicates a moderate severity. EPSS data is unavailable, so the current likelihood of exploitation is unknown, and the vulnerability is not listed in CISA KEV. Exploitation requires only that the attacker is already authenticated to the application and can send API requests, suggesting the attack vector is over the network via the chat‑messages endpoint. While the exploit does not require elevated privileges, any authenticated user can misuse it, making it a notable threat to confidentiality within a tenant.

Generated by OpenCVE AI on May 5, 2026 at 22:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor patch released in version 1.14.0 of Dify to restore proper ownership checks
  • Restrict or revoke the chat‑messages API functionality for users who do not need it, and implement runtime validation that the requesting user owns the specified file UUID
  • Audit user access logs for suspicious file‑access patterns and apply least‑privilege measures to limit file visibility

Generated by OpenCVE AI on May 5, 2026 at 22:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 05 May 2026 23:15:00 +0000

Type Values Removed Values Added
First Time appeared Langgenius
Langgenius dify
Vendors & Products Langgenius
Langgenius dify

Tue, 05 May 2026 21:00:00 +0000

Type Values Removed Values Added
Description Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in the files array of a chat-messages request. Attackers can exploit insufficient permission verification in the chat-messages endpoints to access files without ownership validation, bypassing workspace separation and signed URL protections to retrieve sensitive file contents through workflow processing.
Title Dify < 1.14.0 Authorization Bypass via File UUID
Weaknesses CWE-639
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Langgenius Dify
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-05T20:35:56.073Z

Reserved: 2026-04-22T18:50:43.622Z

Link: CVE-2026-41950

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-05T21:16:23.233

Modified: 2026-05-05T21:16:23.233

Link: CVE-2026-41950

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-05T23:00:10Z

Weaknesses