Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/23 9:22 p.m.26 views

CVE-2025-25282

RAGFlow is an open-source RAG Retrieval-Augmented Generation engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference IDOR vulnerability that may lead to unauthorized cross-tenant access list tenant user accounts, add user account into...

8.1CVSS6.7AI score0.00449EPSS
Exploits1References1
Circl
Circl
added 2025/02/21 11:31 p.m.19 views

CVE-2025-25282

creationtimestamp| type| source ---|---|--- 2025-02-21 23:31:55+00:00| published-proof-of-concept| Telegram/z-TEGJuLb-MI9QSBe5sQLLsDPvx9hpDxWNGhFcSyGduHviQ 2025-02-21 23:48:55+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114044550171978219 2025-02-21 23:57:36+00:00| seen|...

8.1CVSS7.9AI score0.00449EPSS
Exploits1References2
NVD
NVD
added 2025/02/21 9:15 p.m.21 views

CVE-2025-25282

RAGFlow is an open-source RAG Retrieval-Augmented Generation engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference IDOR vulnerability that may lead to unauthorized cross-tenant access list tenant user accounts, add user account into...

8.1CVSS0.00449EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/21 9:4 p.m.17 views

CVE-2025-25282 Potential Insecure Direct Object Reference (IDOR) vulnerability in ragflow

RAGFlow is an open-source RAG Retrieval-Augmented Generation engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference IDOR vulnerability that may lead to unauthorized cross-tenant access list tenant user accounts, add user account into...

8.1CVSS8AI score0.00449EPSS
Exploits1References1
CVE
CVE
added 2025/02/21 9:4 p.m.91 views

CVE-2025-25282

CVE-2025-25282 pertains to RAGFlow, an open-source RAG engine. An authenticated user can exploit an Insecure Direct Object Reference (IDOR) vulnerability that enables unauthorized cross-tenant access, including listing tenant user accounts and adding users to other tenants. Affected behavior cent...

8.1CVSS6.8AI score0.00449EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder