216.73.217.98

CVE-2026-24770

· Published 27/01/2026 22:15 · Modified 27/01/2026 22:15

Labels: CVE-2026-24770 2026-01-27CVE-2026-24770CWE-22[email protected]

Essential information

Published
27/01/2026 22:15
Modified
27/01/2026 22:15
Author
Creator
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In version 0.23.1 and possibly earlier versions, the MinerU parser contains a "Zip Slip" vulnerability, allowing an attacker to overwrite arbitrary files on the server (leading to Remote Code Execution) via a malicious ZIP archive. The MinerUParser class retrieves and extracts ZIP files from an external source (mineru_server_url). The extraction logic in `_extract_zip_no_root` fails to sanitize filenames within the ZIP archive. Commit 64c75d558e4a17a4a48953b4c201526431d8338f contains a patch for the issue.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
ragflow / ragflow cpe:2.3:a:ragflow:ragflow:<0.23.1:*:*:*:*:*:*:*
ragflow / ragflow cpe:2.3:a:ragflow:ragflow:0.23.1:*:*:*:*:*:*:*

References