LightRAG — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in LightRAG, with AI-generated Chinese analysis, references, and POCs.

Vendor: HKUDS

CVE ID	Title	CVSS	Severity	Published
CVE-2026-39413	LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API CWE-347	4.2	Medium	2026-04-08
CVE-2025-6773	HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal CWE-22	5.3	Medium	2025-06-27

All 2 known CVE vulnerabilities affecting LightRAG with full Chinese analysis, references, and POCs where available.