CVE-2026-24770

Critical CVSS: 9.8

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In version 0.23.1 and possibly earlier versions, the MinerU parser contains a "Zip Slip" vulnerability, allowing an attacker to overwrite arbitrary files on the server (leading to Remote Code Execution) via a malicious ZIP archive. The MinerUParser class retrieves and extracts ZIP files from an external source (mineru_server_url). The extraction logic in `_extract_zip_no_root` fails to sanitize filenames within the ZIP archive. Commit 64c75d558e4a17a4a48953b4c201526431d8338f contains a patch for the issue.

Vendor

Infiniflow

Product

Ragflow

CWE

CWE-22

Yayın Tarihi

2026-01-27 22:15:56

Güncelleme

2026-01-30 21:53:46

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-22 Ragflow CRITICAL Infiniflow 2026

Referanslar

https://github.com/infiniflow/ragflow/commit/64c75d558e4a17a4a48953b4c201526431d8338f https://github.com/infiniflow/ragflow/security/advisories/GHSA-v7cf-w7gj-pgf4

Benzer Kayıtlar

High

CVE-2025-68700

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.23.0, a low-privileged aut…

High

CVE-2025-69286

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecu…

Medium

CVE-2025-51462

Stored Cross-site Scripting (XSS) vulnerability in api.apps.dialog_app.set_dialog in RAGFlow 0.17.2 allows remote attack…

Critical

CVE-2025-48187

RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against…

Medium

CVE-2024-12869

In infiniflow/ragflow version v0.12.0, there is an improper authentication vulnerability that allows a user to view anot…

Medium

CVE-2024-12871

An XSS vulnerability in infiniflow/ragflow version 0.12.0 allows an attacker to upload a malicious PDF file to the knowl…