Ragflow Security Vulnerabilities and Issues — Ragflow CVE List

Lucene search

InfiniflowRagflow

9 matches found

CVE•added 2025/02/25 7:15 p.m.•69 views

CVE-2025-27135

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. Versions 0.15.1 and prior are vulnerable to SQL injection. The ExeSQL component extracts the SQL statement from the input and sends it directly to the database query. As of time of publication, no patched version is available.

9.8CVSS7.4AI score0.00048EPSS

CVE•added 2025/02/21 9:15 p.m.•68 views

CVE-2025-25282

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability that may lead to unauthorized cross-tenant access (list tenant user accounts, add user account into...

8.1CVSS6.8AI score0.00036EPSS

CVE•added 2025/03/20 10:15 a.m.•66 views

CVE-2024-12779

A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the POST /v1/llm/add_llm and POST /v1/conversation/tts endpoints. Attackers can specify an arbitrary URL as the api_base when adding an OPENAITTS model, and subsequently a...

7.5CVSS6.5AI score0.00064EPSS

CVE•added 2025/03/20 10:15 a.m.•61 views

CVE-2024-12880

A vulnerability in infiniflow/ragflow version RAGFlow-0.13.0 allows for partial account takeover via insecure data querying. The issue arises from the way tenant IDs are handled in the application. If a user has access to multiple tenants, they can manipulate their tenant access to query and access...

8.1CVSS7.9AI score0.00049EPSS

CVE•added 2025/03/20 10:15 a.m.•41 views

CVE-2024-12869

In infiniflow/ragflow version v0.12.0, there is an improper authentication vulnerability that allows a user to view another user's invite list. This can lead to a privacy breach where users' personal or private information, such as email addresses or usernames in the invite list, could be exposed w...

4.3CVSS6.9AI score0.00054EPSS

CVE•added 2025/03/20 10:15 a.m.•41 views

CVE-2024-12871

An XSS vulnerability in infiniflow/ragflow version 0.12.0 allows an attacker to upload a malicious PDF file to the knowledge base. When the file is viewed within Ragflow, the payload is executed in the context of the user's browser. This can lead to session hijacking, data exfiltration, or unauthor...

5.4CVSS5.3AI score0.00049EPSS

CVE•added 2025/03/20 10:15 a.m.•40 views

CVE-2024-12450

In infiniflow/ragflow versions 0.12.0, the web_crawl function in document_app.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF f...

9.8CVSS7.6AI score0.00167EPSS

CVE•added 2025/03/20 10:15 a.m.•35 views

CVE-2024-12433

A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-token4kevinhu'' which can be easily fetched by attackers to join the group communication without restrictions. Additionally, the server ...

9.8CVSS9.5AI score0.00861EPSS

CVE•added 2025/05/17 1:15 p.m.•32 views

CVE-2025-48187

RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is no rate limiting.

9.8CVSS9.3AI score0.00059EPSS