CVE-2026-41949 | langgenius dify up to 1.14.1 File Preview Endpoint preview authorization (EUVD-2026-30774)

A vulnerability classified as problematic was found in langgenius dify up to 1.14.1. This affects an unknown part of the file /console/api/files/{file_id}/preview of the component File Preview Endpoint. The manipulation results in authorization bypass.

This vulnerability is identified as CVE-2026-41949. The attack can be executed remotely. There is not any exploit available.

It is advisable to implement a patch to correct this issue.VulDB Recent EntriesRead More