Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

infiniflow/ragflow — Vulnerabilities & Security Advisories 8

All 8 CVE vulnerabilities found in infiniflow/ragflow, with AI-generated Chinese analysis, references, and POCs.

Vendor: infiniflow

CVE IDTitleCVSSSeverityPublished
CVE-2024-12779 SSRF in infiniflow/ragflow CWE-918 7.5 -2025-03-20
CVE-2024-12869 Improper Authentication in infiniflow/ragflow CWE-306 3.5 -2025-03-20
CVE-2024-12871 Stored Cross-site Scripting (XSS) in infiniflow/ragflow CWE-79 5.4 -2025-03-20
CVE-2024-12450 RCE, Full Read SSRF, and Arbitrary File Read in infiniflow/ragflow CWE-918 9.1 -2025-03-20
CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow CWE-79 6.1 -2025-03-20
CVE-2024-12433 Remote Code Execution in infiniflow/ragflow CWE-502 9.8 -2025-03-20
CVE-2024-12880 Partial Account Takeover due to Insecure Data Querying in infiniflow/ragflow CWE-639 8.1 -2025-03-20
CVE-2024-10131 Remote Code Execution in infiniflow/ragflow CWE-94 9.8 -2024-10-19

All 8 known CVE vulnerabilities affecting infiniflow/ragflow with full Chinese analysis, references, and POCs where available.