Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
Summary
Researchers discovered four vulnerabilities in Dify, an open-source platform for building AI workflows, that could let attackers read other customers' private AI conversations without logging in. The flaws, collectively named DifyTap, stem from missing permission checks: they exposed chat messages across different customer accounts (a cross-tenant impact, where one customer's data leaks to another) and also allowed unauthorized access to uploaded files and internal system APIs.
Solution / Mitigation
All of the vulnerabilities except CVE-2026-41948 have been addressed in version 1.14.2, which was released last month. A fix for the remaining path traversal vulnerability (CVE-2026-41948) is expected in the next Dify release.
Original source: https://thehackernews.com/2026/06/researchers-detail-difytap-flaws-in.html
First tracked: June 22, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%