9 matches found
EUVD-2025-19421
Malicious code in bioql PyPI...
CVE-2025-6773
A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...
GHSA-V9W6-9HQ9-33CH HKUDS LightRAG allows Path Traversal via function upload_to_input_dir
A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...
CVE-2025-6773
A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...
CVE-2025-6773
A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...
CVE-2025-6773 HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal
A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...
CVE-2025-6773 HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal
A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadtoinputdir of the file lightrag/api/routers/documentroutes.py of the component File Upload. The manipulation of the argument file.filename leads to path...
CVE-2025-6773
HKUDS LightRAG up to 1.3.8 contains a path traversal flaw in lightrag/api/routers/document_routes.py, in upload_to_input_dir, caused by manipulating file.filename. Exploitation lets an attacker access or modify files on the local host. A patch is associated with commit 60777d535b719631680bcf5d096...
PT-2025-27252 · Unknown · Hkuds Lightrag
Name of the Vulnerable Software and Affected Versions: HKUDS LightRAG versions up to 1.3.8 Description: A critical vulnerability was found in the File Upload component of HKUDS LightRAG. The issue affects the upload to input dir function in the file lightrag/api/routers/document routes.py. The...