CVE-2026-34082
Authorization Bypass in Dify Allows Unauthorized Chat Deletion
Publication date: 2026-04-20
Last updated on: 2026-04-23
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dify | dify | to 1.13.1 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows any authenticated user to delete another user's chat history due to poor authorization checks. This could lead to unauthorized data modification or loss, which may impact compliance with data protection regulations such as GDPR or HIPAA that require strict controls over access and modification of personal or sensitive data.
Specifically, the ability for users to delete others' chat histories without proper authorization could violate principles of data integrity and accountability mandated by these standards.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring and testing the DELETE API endpoint `/console/api/installed-apps/<appId>/conversations/<conversationId>` for improper authorization checks.
A practical approach involves capturing conversation IDs from GET requests to `/console/api/installed-apps/<appId>/conversations` and then attempting to issue DELETE requests to the same endpoint using those IDs while authenticated as different users.
If a user can delete conversations that do not belong to them, the system is vulnerable.
Suggested commands using curl for detection might be:
1. Authenticate as User A and list conversations: `curl -H "Authorization: Bearer <tokenA>" https://<dify-host>/console/api/installed-apps/<appId>/conversations`
2. Extract a conversationId from the response belonging to User A.
3. Authenticate as User B and attempt to delete User A's conversation: `curl -X DELETE -H "Authorization: Bearer <tokenB>" https://<dify-host>/console/api/installed-apps/<appId>/conversations/<conversationId>`
If the DELETE request succeeds, the vulnerability is present.
Can you explain this vulnerability to me?
This vulnerability exists in the Dify open-source LLM app development platform prior to version 1.13.1. The issue is in the DELETE API endpoint for removing conversations associated with installed apps. Specifically, the method `DELETE /console/api/installed-apps/<appId>/conversations/<conversationId>` has poor authorization checks, which means any user authenticated with Dify can delete chat histories belonging to other users.
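The following is an added illustration, not Dify's own code: a small in-memory model of the defect described above (an authenticated user may delete any conversation because only authentication, not ownership, is checked) next to the corrected check, plus an in-process version of the three-step cross-user probe from the detection answer earlier on this page. The store, session table, user/app/conversation ids and handler signatures are all constructed assumptions for the example.

```python
"""Added example (not Dify's code): models the CWE-863 authorization defect
behind CVE-2026-34082 and the corrected ownership check.

All ids, tokens and handler signatures below are constructed for
illustration and are not Dify's internal API.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Conversation:
    conversation_id: str
    app_id: str
    owner_user_id: str


@dataclass
class Store:
    conversations: Dict[str, Conversation] = field(default_factory=dict)
    # Constructed session table: bearer token -> authenticated user id.
    sessions: Dict[str, str] = field(default_factory=dict)


def authenticate(store: Store, token: str) -> Optional[str]:
    """Resolve a bearer token to a user id (None if not logged in)."""
    return store.sessions.get(token)


# Handler type: (store, token, app_id, conversation_id) -> HTTP-like status code
Handler = Callable[[Store, str, str, str], int]


def delete_vulnerable(store: Store, token: str, app_id: str, conversation_id: str) -> int:
    """Models the defect: only *authentication* is verified, so any
    logged-in user can delete any conversation under the app."""
    if authenticate(store, token) is None:
        return 401
    conv = store.conversations.get(conversation_id)
    if conv is None or conv.app_id != app_id:
        return 404
    del store.conversations[conversation_id]
    return 204


def delete_fixed(store: Store, token: str, app_id: str, conversation_id: str) -> int:
    """Corrected check: the conversation must belong to the calling user
    (and to the named app) before it is deleted."""
    user_id = authenticate(store, token)
    if user_id is None:
        return 401
    conv = store.conversations.get(conversation_id)
    # Answering 404 for both "missing" and "not yours" avoids confirming
    # that another user's conversation id exists.
    if conv is None or conv.app_id != app_id or conv.owner_user_id != user_id:
        return 404
    del store.conversations[conversation_id]
    return 204


def list_conversations(store: Store, token: str, app_id: str) -> Optional[List[str]]:
    """Models GET .../installed-apps/<appId>/conversations, scoped to the caller."""
    user_id = authenticate(store, token)
    if user_id is None:
        return None
    return [c.conversation_id for c in store.conversations.values()
            if c.app_id == app_id and c.owner_user_id == user_id]


def make_store() -> Store:
    """Constructed sample data: two users, one app, one conversation each."""
    s = Store()
    s.sessions = {"tokenA": "userA", "tokenB": "userB"}
    s.conversations = {
        "conv-a1": Conversation("conv-a1", "app1", "userA"),
        "conv-b1": Conversation("conv-b1", "app1", "userB"),
    }
    return s


def cross_user_delete_probe(handler: Handler) -> Tuple[bool, int]:
    """The three-step check from the detection answer, run against an
    in-process handler instead of a live host: list user A's conversations,
    pick one id, try to delete it as user B.
    Returns (cross_user_delete_succeeded, status_code)."""
    store = make_store()
    ids = list_conversations(store, "tokenA", "app1")
    target = ids[0]
    status = handler(store, "tokenB", "app1", target)
    still_present = target in store.conversations
    return (not still_present, status)


if __name__ == "__main__":
    for name, handler in (("vulnerable", delete_vulnerable), ("fixed", delete_fixed)):
        succeeded, status = cross_user_delete_probe(handler)
        print(f"{name}: status={status}, cross-user delete succeeded={succeeded}")
```

The probe reports the vulnerable handler as deletable by the other user (status 204) and the fixed handler as refusing (status 404 with the conversation still present), which is the same pass/fail signal the curl steps above produce against a real instance. The design point is that the fix belongs in the resource lookup itself (owner and app scoped), not in a separate check that a later code path can forget to call.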
How can this vulnerability impact me?
The vulnerability allows any authenticated user to delete chat histories of other users without proper authorization. This can lead to loss of important conversation data, potential disruption of services relying on chat history, and unauthorized modification or deletion of user data.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade Dify to version 1.13.1 or later, as this version patches the authorization issue allowing unauthorized deletion of chat history.