Researchers uncovered four vulnerabilities in Dify, codenamed DifyTap, that could let attackers read private AI chats, access internal APIs, and expose files across tenants without authentication. Most issues have been patched in Dify 1.14.2, while one path traversal flaw remains pending a fix. #Dify #DifyTap #CVE-2026-41947 #CVE-2026-41948 #CVE-2026-41949 #CVE-2026-41950 #PDFium #CVE-2024-5846
Key points
- DifyTap covers four vulnerabilities in Dify, including two critical flaws.
- The bugs could expose private AI conversations and enable cross-tenant data leakage.
- Attackers could traverse the Plugin Daemon API and reach internal endpoints.
- File preview and chat-message flaws allowed reading documents from other users and tenants.
- Most issues were fixed in Dify 1.14.2, but CVE-2026-41948 still needs a patch.
Read More: https://thehackernews.com/2026/06/researchers-detail-difytap-flaws-in.html