PatchSiren

langgenius CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH langgenius CVE published 2026-07-10

CVE-2026-61461

CVE-2026-61461 is a SQL injection vulnerability in Dify before 1.16.0-rc1. The vulnerability allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the search_by_full_text method without escaping or parameterization. Attackers can inject malicious SQL through the search parameters to read, modify, or delete data in the underlying ClickHouse database. This vulnerability has [truncated]

HIGH langgenius CVE published 2026-05-18

CVE-2026-41949

Dify versions 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint (`/console/api/files/{file_id}/preview`). An authenticated attacker can read up to 3,000 characters of any uploaded document across all tenants and workspaces by supplying only the file's UUID, without ownership or workspace permission verification. The vulnerability is rated HIGH severity (CVSS 4.0 s [truncated]

CRITICAL langgenius CVE published 2026-05-18

CVE-2026-41948

A critical path traversal vulnerability in Dify (versions ≤1.14.1) allows authenticated attackers to escape tenant isolation boundaries and access the Plugin Daemon's internal REST API. The flaw stems from insufficient URL path sanitization, enabling traversal via unencoded dot sequences in task identifiers or manipulated filename parameters. Attackers with knowledge of a victim tenant's UUID can reach in [truncated]

CRITICAL langgenius CVE published 2026-05-18

CVE-2026-41947

A critical authorization bypass vulnerability in Dify (versions 1.14.1 and prior) allows authenticated editor users to manipulate trace configurations for applications outside their tenant scope. The flaw stems from missing tenant ownership validation in trace configuration endpoints, enabling attackers to redirect messages and responses from victim applications to attacker-controlled LLM trace providers. [truncated]

MEDIUM langgenius CVE published 2026-05-05

CVE-2026-41950

CVE-2026-41950 is a medium-severity authorization bypass vulnerability in Dify, a platform powering 1 million apps, before version 1.14.0. The issue allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in chat-messages requests. This is possible due to insufficient permission verification in chat-messages endpoints [truncated]