Critical severity 9.4 · NVD Advisory · Published May 18, 2026 · Updated May 26, 2026
CVE-2026-41948
Description
Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant path using unencoded dot sequences in task identifiers or manipulated filename parameters to access internal endpoints such as debug interfaces, requiring only knowledge of the victim tenant's UUID. NOTE: Dify Cloud allows unauthenticated free self-registration, making account creation trivially accessible to any attacker.
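The kind of tenant-scoped path builder this advisory calls for, added here as an illustrative example rather than Dify's own code: identifiers are decoded once and allowlisted, and the assembled path is normalised and checked against the tenant prefix before it is forwarded. The route layout, the UUID identifier format and the sample values are assumptions.

```python
import posixpath
import re
from typing import Optional
from urllib.parse import quote, unquote

# Hypothetical route layout of the forwarded request; Dify's real routes may differ.
TENANT_PREFIX = "/plugin/tenants/{tenant}/"
UUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.IGNORECASE)
# Filenames: no slashes and no leading dot, so "." and ".." can never form a segment.
FILENAME_RE = re.compile(r"^[A-Za-z0-9_-][A-Za-z0-9._-]{0,127}$")


def _checked(value: str, pattern: "re.Pattern[str]", what: str) -> str:
    """Decode once, then allowlist; dots, slashes and encoded slashes are all rejected."""
    decoded = unquote(value)
    if not pattern.fullmatch(decoded):
        raise ValueError(f"invalid {what}: {value!r}")
    return decoded


def build_daemon_path(tenant_id: str, task_id: str, filename: Optional[str] = None) -> str:
    """Build the path forwarded to the plugin daemon; raise ValueError on traversal attempts."""
    tenant = _checked(tenant_id, UUID_RE, "tenant_id")
    segments = ["plugin", "tenants", tenant, "tasks", _checked(task_id, UUID_RE, "task_id")]
    if filename is not None:
        segments.append(_checked(filename, FILENAME_RE, "filename"))
    path = "/" + "/".join(quote(s, safe="") for s in segments)
    # Defence in depth: after normalisation the path must still sit under this tenant's prefix.
    prefix = TENANT_PREFIX.format(tenant=tenant)
    if not posixpath.normpath(path).startswith(prefix):
        raise ValueError("path escapes tenant scope")
    return path


def has_dot_segment(raw_path: str) -> bool:
    """Detection helper for proxy/access logs: True if any segment decodes to '.' or '..'."""
    return any(seg in (".", "..") for seg in unquote(raw_path).split("/"))


# Constructed sample identifiers (not taken from the advisory).
TENANT = "11111111-2222-4333-8444-555555555555"
TASK = "aaaaaaaa-bbbb-4ccc-8ddd-eeeeeeeeeeee"

if __name__ == "__main__":
    print(build_daemon_path(TENANT, TASK, "result.json"))
    for bad in ("../../debug", "..%2F..%2Fdebug"):
        try:
            build_daemon_path(TENANT, bad)
        except ValueError as exc:
            print("rejected:", exc)
```

The `has_dot_segment` helper runs the same decode-then-inspect logic over logged request paths, so encoded dot segments such as `%2e%2e` are flagged as well as literal ones.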
Affected products
- (no CPE)
- cpe:2.3:a:dify:dify:*:*:*:*:*:*:*:* (range: <=1.14.1)
- (no CPE) (range: <=1.14.1)
References
- github.com/langgenius/dify/pull/35796 (NVD: Issue Tracking, Mitigation, Patch)
- huntr.com/bounties/35b7ad59-e35d-443f-bf77-387bfb932ec0 (NVD: Exploit, Third Party Advisory)
- www.vulncheck.com/advisories/dify-path-traversal-via-plugin-daemon-internal-api-access (NVD: Third Party Advisory)
News mentions
- 29th June – Threat Intelligence Report (Check Point Research · Jun 29, 2026)
- Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps (SecurityWeek · Jun 23, 2026)
- DifyTap Flaws Allow Attackers to Wiretap AI Data Across Tenants – 1M+ Apps Impacted (Cyber Security News · Jun 23, 2026)
- DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories (Dark Reading · Jun 22, 2026)
- Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants (The Hacker News · Jun 22, 2026)