logo

DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories

ID: 6b9d9844-04c6-55f6-9248-4c6668e927b2

STIX ID: report--6b9d9844-04c6-55f6-9248-4c6668e927b2

Feed Name: Dark Reading

Threat Score
72/100

Date Published: 2026-06-22

Date Updated: 2026-06-23

Author: Alexander Culafi

...
...

A set of four high-severity vulnerabilities dubbed "DifyTap" was disclosed in the open-source AI orchestration platform Dify (CVE-2026-41947, CVE-2026-41948, CVE-2026-41949, CVE-2026-41950). The flaws enable tracing hijacks that can exfiltrate chat histories, Plugin Daemon path traversal allowing access to internal debug endpoints, unauthorized document preview via UUIDs, and cross-tenant file leaks. Patches are available (Dify 1.14.2 and later; GitHub fix merged for CVE-2026-41948) and researchers recommend WAF rules for further mitigation; no active exploitation has been reported.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.