www.securityweek.com 6/23/2026, 4:04:09 PM · external

Critical flaws in Dify AI expose tenant data to attackers

Primary Source zafran.io

Zafran Security has identified four critical vulnerabilities in the open-source AI platform Dify, potentially allowing attackers to access sensitive data from other users in multi-tenant configurations. The vulnerabilities include issues with Dify’s tracing functionality, plugin daemon, and file access permissions, with CVSS scores ranging from 9.1 to 9.4. Attackers can exploit these flaws to read private chats, execute unauthorized API calls, and retrieve files uploaded by other tenants. Dify has released version 1.14.2, which addresses these issues, and users are urged to update to this version and implement specific security measures.


Article by CyberSIXT
