DifyTap vulnerabilities in Dify expose AI chats across tenants

The Hacker News

Four vulnerabilities in the open-source platform Dify (146K+ GitHub stars) allow attackers to read AI conversations from other tenants' apps. DifyTap can be exploited without authentication, impacting cross-tenant isolation.

difyCybersecurity

The Hacker News

4 hours ago