CVE-2026-41950 langgenius CVE debrief

Who should care

Defenders of Dify installations, particularly those with multi-tenant setups, should be aware of this vulnerability. The issue affects Dify versions before 1.14.0, and upgrading to this version or later is recommended. Security teams should prioritize patching, as this vulnerability allows unauthorized access to sensitive file contents across tenants.

Technical summary

The vulnerability exists in Dify's chat-messages endpoints, where inadequate permission checks allow authenticated users to access files uploaded by other users within the same tenant. By providing an arbitrary file UUID in the files array of a chat-messages request, attackers can bypass workspace separation and signed URL protections to retrieve sensitive file contents. This issue is addressed in Dify version 1.14.0, which enhances permission verification and validation.

Defensive priority

Medium priority due to the need for authentication and the specificity of the attack vector, but high impact if exploited.

Recommended defensive actions

• Upgrade Dify to version 1.14.0 or later
• Review and enhance permission settings for chat-messages endpoints
• Monitor for suspicious file access requests across tenants
• Implement compensating controls to restrict file access
• Conduct a thorough inventory of Dify installations and their versions

Evidence notes

The CVE record and NVD detail provide the primary evidence for this vulnerability. The issue is confirmed to affect Dify versions before 1.14.0. Defenders should verify their Dify installations and upgrade to the patched version. The vulnerability allows unauthorized file access across tenants, bypassing workspace separation.

Official resources