CVE-2026-41949: Authorization Bypass Through User-Controlled Key in langgenius dify
Dify version 1. 14. 1 and earlier contains an authorization bypass vulnerability in its file preview endpoint. This flaw allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces by using only the file's UUID. The vulnerability arises because the endpoint does not verify ownership or workspace permissions before disclosing document content. Additionally, Dify Cloud permits unauthenticated free self-registration, enabling attackers to create accounts easily and exploit this issue. The vulnerability has a high severity rating with a CVSS score of 8. 2. No official patch or remediation guidance is currently available.
AI Analysis
Technical Summary
CVE-2026-41949 is an authorization bypass vulnerability affecting Dify version 1.14.1 and prior. The issue exists in the /console/api/files/{file_id}/preview endpoint, which allows any authenticated user to access partial content (up to 3,000 characters) of any uploaded document by supplying the document's UUID. The endpoint fails to enforce ownership or workspace permission checks, enabling cross-tenant data exposure. The vulnerability is exacerbated by the fact that Dify Cloud allows unauthenticated users to self-register accounts, lowering the barrier for attackers to exploit this flaw. The CVSS 4.0 vector indicates network attack vector, high attack complexity, no privileges required, no user interaction, and high impact on confidentiality.
Potential Impact
An attacker with any authenticated account on Dify can access sensitive content from documents they do not own or have permission to view, potentially exposing confidential information across tenants and workspaces. Because Dify Cloud allows free self-registration without authentication barriers, attackers can easily create accounts to exploit this vulnerability. The impact is limited to reading up to 3,000 characters per document preview request but affects confidentiality significantly.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should consider restricting access to the file preview endpoint, monitoring for unusual access patterns, and limiting account creation if possible. Since no official patch or temporary fix is documented, users should follow vendor updates closely.
CVE-2026-41949: Authorization Bypass Through User-Controlled Key in langgenius dify
Description
Dify version 1. 14. 1 and earlier contains an authorization bypass vulnerability in its file preview endpoint. This flaw allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces by using only the file's UUID. The vulnerability arises because the endpoint does not verify ownership or workspace permissions before disclosing document content. Additionally, Dify Cloud permits unauthenticated free self-registration, enabling attackers to create accounts easily and exploit this issue. The vulnerability has a high severity rating with a CVSS score of 8. 2. No official patch or remediation guidance is currently available.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-41949 is an authorization bypass vulnerability affecting Dify version 1.14.1 and prior. The issue exists in the /console/api/files/{file_id}/preview endpoint, which allows any authenticated user to access partial content (up to 3,000 characters) of any uploaded document by supplying the document's UUID. The endpoint fails to enforce ownership or workspace permission checks, enabling cross-tenant data exposure. The vulnerability is exacerbated by the fact that Dify Cloud allows unauthenticated users to self-register accounts, lowering the barrier for attackers to exploit this flaw. The CVSS 4.0 vector indicates network attack vector, high attack complexity, no privileges required, no user interaction, and high impact on confidentiality.
Potential Impact
An attacker with any authenticated account on Dify can access sensitive content from documents they do not own or have permission to view, potentially exposing confidential information across tenants and workspaces. Because Dify Cloud allows free self-registration without authentication barriers, attackers can easily create accounts to exploit this vulnerability. The impact is limited to reading up to 3,000 characters per document preview request but affects confidentiality significantly.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should consider restricting access to the file preview endpoint, monitoring for unusual access patterns, and limiting account creation if possible. Since no official patch or temporary fix is documented, users should follow vendor updates closely.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-04-22T18:50:43.622Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a0b2098ec166c07b0c69452
Added to database: 5/18/2026, 2:22:16 PM
Last enriched: 5/18/2026, 2:36:44 PM
Last updated: 5/18/2026, 6:47:16 PM
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.