Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 15 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-28797 RAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" Component infiniflowragflow--2026-04-03 21:41:54 Deep Dive
CVE-2026-24770 RAGFlow Affected by Zip Slip Remote Code Execution (RCE) in MinerUParser infiniflowragflow Critical 9.8 2026-01-27 21:51:45 Deep Dive
CVE-2025-69286 RAGFlow has Predictable Token Generation Leading to Authentication Bypass Vulnerability infiniflowragflow 中危 -2025-12-31 21:52:54 Deep Dive
CVE-2025-68700 RAGFlow Remote Code Execution Vulnerability infiniflowragflow 中危 -2025-12-31 21:17:40 Deep Dive
CVE-2025-48187 RAGFlow 安全漏洞 infiniflowRAGFlow Critical 9.1 2025-05-17 00:00:00 Deep Dive
CVE-2024-12779 SSRF in infiniflow/ragflow infiniflowinfiniflow/ragflow 中危 -2025-03-20 10:11:29 Deep Dive
CVE-2024-12869 Improper Authentication in infiniflow/ragflow infiniflowinfiniflow/ragflow 中危 -2025-03-20 10:11:20 Deep Dive
CVE-2024-12871 Stored Cross-site Scripting (XSS) in infiniflow/ragflow infiniflowinfiniflow/ragflow 中危 -2025-03-20 10:11:07 Deep Dive
CVE-2024-12450 RCE, Full Read SSRF, and Arbitrary File Read in infiniflow/ragflow infiniflowinfiniflow/ragflow 中危 -2025-03-20 10:11:05 Deep Dive
CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow infiniflowinfiniflow/ragflow 中危 -2025-03-20 10:10:45 Deep Dive
CVE-2024-12433 Remote Code Execution in infiniflow/ragflow infiniflowinfiniflow/ragflow 超危 -2025-03-20 10:10:09 Deep Dive
CVE-2024-12880 Partial Account Takeover due to Insecure Data Querying in infiniflow/ragflow infiniflowinfiniflow/ragflow 高危 -2025-03-20 10:09:38 Deep Dive
CVE-2025-27135 RAGFlow SQL Injection vulnerability infiniflowragflow 中危 -2025-02-25 18:16:59 Deep Dive
CVE-2025-25282 Potential Insecure Direct Object Reference (IDOR) vulnerability in ragflow infiniflowragflow 高危 -2025-02-21 21:04:35 Deep Dive
CVE-2024-10131 Remote Code Execution in infiniflow/ragflow infiniflowinfiniflow/ragflow 中危 -2024-10-19 03:50:10 Deep Dive