{"uuid": "e39c6255-f6bd-408e-8986-ad16d792ccaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41947", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motmqfv2my2n", "content": "\ud83d\udea8  ALERT: CVE-2026-41947\n\nCVSS 9.1/10\n\n\ud83d\udccb WHAT IT IS:\nDify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant owners", "creation_timestamp": "2026-06-22T00:25:09.045512Z"}