
CVE-2025-51868: n/a

High
Published: Mon Jul 21 2025 (07/21/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

Insecure Direct Object Reference (IDOR) vulnerability in Dippy (chat.dippy.ai) v2 allows attackers to gain sensitive information via the conversation_id parameter to the conversation_history endpoint.

AI-Powered Analysis

AI analysis last updated: 07/29/2025, 01:27:38 UTC

Technical Analysis

CVE-2025-51868 is an Insecure Direct Object Reference (IDOR) vulnerability identified in the Dippy chat platform (chat.dippy.ai) version 2. It arises from insufficient access control on the conversation_history endpoint, specifically through the conversation_id parameter: the server resolves the requested conversation by its identifier without verifying that the caller is authorized to view it, so an attacker can supply another user's conversation_id and read that conversation. The vulnerability is classified under CWE-639 (Authorization Bypass Through User-Controlled Key), the weakness class for authorization checks that trust a client-supplied object key. The CVSS v3.1 base score is 7.5, indicating high severity. The vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N indicates that the vulnerability is exploitable remotely over the network without privileges or user interaction, with high impact on confidentiality and no impact on integrity or availability. No patch or fix has been published yet, and there are no known exploits in the wild at the time of this report. The vulnerability allows unauthorized disclosure of sensitive conversation data, which could include personal information, business communications, or other confidential content exchanged via the chat platform.

Potential Impact

For European organizations using the Dippy chat platform version 2, this vulnerability poses a significant risk to the confidentiality of sensitive communications. Unauthorized access to conversation histories could expose personal data protected under GDPR, potentially resulting in regulatory penalties and loss of customer trust. Business-critical information, intellectual property, or strategic communications could be leaked, leading to competitive disadvantage or reputational damage. Since the vulnerability does not affect integrity or availability, operational disruption is unlikely; however, the confidentiality breach alone is severe. Because exploitation requires no authentication or user interaction, the risk of automated or opportunistic attacks is increased. Organizations in sectors such as finance, healthcare, legal, and government, which rely heavily on secure communications, are particularly exposed. Additionally, the lack of a patch means organizations must rely on compensating controls until a fix is available.

Mitigation Recommendations

Given the absence of an official patch, European organizations should implement immediate compensating controls. These include restricting access to the conversation_history endpoint via network-level controls such as IP whitelisting or VPN-only access to limit exposure. Implementing strict authentication and authorization checks at the application or API gateway level can prevent unauthorized parameter manipulation. Monitoring and logging access to conversation histories should be enhanced to detect suspicious activities, such as unusual conversation_id requests. Organizations should conduct internal audits to identify sensitive conversations stored on the platform and consider encrypting sensitive data at rest and in transit. User education about the sensitivity of information shared on the platform is advisable. Finally, organizations should maintain close communication with the vendor for timely patch releases and apply updates promptly once available.
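To make the weakness described in the technical analysis and the application-level check recommended above concrete, the following is an added illustration, not Dippy's code: a history lookup keyed only on conversation_id beside a hardened version that ties authorization to the caller and records denied lookups so unusual conversation_id requests can be monitored. Store contents, user ids and conversation ids are constructed.

```python
# Added illustration (not Dippy's code): an IDOR-prone history lookup and its
# hardened counterpart. All ids and messages below are constructed sample data.
from dataclasses import dataclass, field


@dataclass
class Conversation:
    conversation_id: str
    owner_id: str
    messages: list = field(default_factory=list)


# Constructed sample store: two users, each owning one conversation.
CONVERSATIONS = {
    "conv-1001": Conversation("conv-1001", "alice", ["hi", "my card ends in 4242"]),
    "conv-1002": Conversation("conv-1002", "bob", ["meeting moved to 3pm"]),
}

# Where a real service would emit an audit event; kept in memory here.
DENIED_LOG: list = []


def history_vulnerable(conversation_id: str):
    """IDOR pattern (CWE-639): the object is resolved from the client-supplied
    key alone and the caller's identity is never consulted."""
    conv = CONVERSATIONS.get(conversation_id)
    return (200, conv.messages) if conv else (404, None)


def history_hardened(caller_id, conversation_id: str):
    """Authorization bound to the authenticated caller. Unauthenticated calls
    are refused, and a missing conversation and a foreign conversation get the
    same 404 so the endpoint does not confirm that a guessed id exists."""
    if caller_id is None:
        return (401, None)
    conv = CONVERSATIONS.get(conversation_id)
    if conv is None or conv.owner_id != caller_id:
        DENIED_LOG.append({"caller": caller_id, "conversation_id": conversation_id})
        return (404, None)
    return (200, conv.messages)


def denied_count(caller_id: str) -> int:
    """Monitoring hook: how many foreign/unknown conversation_ids a caller has
    requested. A sharp rise is the signal the mitigation text asks to watch."""
    return sum(1 for e in DENIED_LOG if e["caller"] == caller_id)
```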


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-06-16T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 687ea00aa83201eaac13ae4c

Added to database: 7/21/2025, 8:16:10 PM

Last enriched: 7/29/2025, 1:27:38 AM

Last updated: 8/25/2025, 1:12:40 PM
