CVE-2026-41947
9.1 CRITICALDify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace ...
Published: 2026-05-18 · Last updated: 2026-05-26
Severity and scoring
- CVSS
- 9.1 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- CWE
- CWE-639
Affected products
| Vendor | Product |
|---|---|
| dify | dify |
Description
Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to redirect all messages and responses from victim applications to attacker-controlled LLM trace providers. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-41947
- [Other]https://github.com/langgenius/dify/commit/55d05fe52de880cd8497df8cea052351c594fad8
- [Patch]https://github.com/langgenius/dify/pull/35793
- [Other]https://github.com/langgenius/dify/releases/tag/1.14.2
- [Exploit reference]https://huntr.com/bounties/a43076b2-fbc8-4750-9647-89a036b52f52
- [Other]https://www.vulncheck.com/advisories/dify-authorization-bypass-via-trace-configuration-endpoints
Related CVEs
Same vendor
- CVE-2026-41949 — Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user... (5.9 MEDIUM)
- CVE-2026-41948 — Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to ... (9.4 CRITICAL)
Same CWE
- CVE-2026-47238 — ClipBucket v5 is an open source video sharing platform (6.5 MEDIUM)
- CVE-2026-47189 — Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support
- CVE-2026-7787 — IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authenticatio... (7.5 HIGH)
- CVE-2026-8406 — openSIS Classic 9.3 contains an insecure direct object reference vulnerability in the messaging module
- CVE-2026-6976 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.... (3.7 LOW)