BREAKING
DifyTap: 4 Flaws Hit Dify Platform
0
GitHub stars
0
M+
hosted apps
0
DifyTap flaws
Four CVEs and Their Severity
41948
9.4
41947
9.1
41949
7.5
41950
6.5
How an Attacker Could Exfiltrate
1
Self-register free
↓
2
Read others' docs by UUID
↓
3
Abuse Trace settings
↓
4
Persistent exfiltration
Fixed vs Still Pending
Fixed in v1.14.2
Patched
●
CVE-2026-41947
●
CVE-2026-41949
●
CVE-2026-41950
Still Pending
Open
●
CVE-2026-41948 path traversal
●
Slated for next release
Update Dify to the Latest Version
AI NEWS BLITZ
Four new vulnerabilities in Dify could expose AI chats across tenants.