CVE-2026-41947

Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to redirect all messages and responses from victim applications to attacker-controlled LLM trace providers. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/langgenius/dify/commit/55d05fe52de880cd8497df8cea052351c594fad8
https://github.com/langgenius/dify/pull/35793	Issue Tracking Mitigation Patch
https://github.com/langgenius/dify/releases/tag/1.14.2
https://huntr.com/bounties/a43076b2-fbc8-4750-9647-89a036b52f52	Exploit Third Party Advisory
https://www.vulncheck.com/advisories/dify-authorization-bypass-via-trace-configuration-endpoints	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dify:dify:*:*:*:*:*:*:*:*

History

26 May 2026, 17:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.4~~	v2 : unknown v3 : 9.1
References		() https://github.com/langgenius/dify/commit/55d05fe52de880cd8497df8cea052351c594fad8 - () https://github.com/langgenius/dify/releases/tag/1.14.2 -
Summary	(en) Dify version 1.14.1 and prior contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to redirect all messages and responses from victim applications to attacker-controlled LLM trace providers. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.	(en) Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to redirect all messages and responses from victim applications to attacker-controlled LLM trace providers. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.

19 May 2026, 19:24

Type	Values Removed	Values Added
CPE		cpe:2.3:a:dify:dify::::::::
First Time		Dify dify Dify
References	~~() https://github.com/langgenius/dify/pull/35793 -~~	() https://github.com/langgenius/dify/pull/35793 - Issue Tracking, Mitigation, Patch
References	~~() https://huntr.com/bounties/a43076b2-fbc8-4750-9647-89a036b52f52 -~~	() https://huntr.com/bounties/a43076b2-fbc8-4750-9647-89a036b52f52 - Exploit, Third Party Advisory
References	~~() https://www.vulncheck.com/advisories/dify-authorization-bypass-via-trace-configuration-endpoints -~~	() https://www.vulncheck.com/advisories/dify-authorization-bypass-via-trace-configuration-endpoints - Third Party Advisory

18 May 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-18 15:16

Updated : 2026-05-26 17:16

NVD link : CVE-2026-41947

Mitre link : CVE-2026-41947

CVE.ORG link : CVE-2026-41947

JSON object : View

Products Affected

dify

dify

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

9.1 /10