anonhaven
Ad

CVE-2026-28797

HIGH CVSS 4.0: 8.7 EPSS 0.09%
Updated Apr 07, 2026
Python
Parameter Value
CVSS 8.7 (HIGH)
Type CWE-94 (Code Injection), CWE-78 (OS Command Injection), CWE-1336 (Template Injection), CWE-20 (Improper Input Validation)
Vendor Python
Public PoC No

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior, a Server-Side Template Injection (SSTI) vulnerability exists in RAGFlow's Agent workflow Text Processing (StringTransform) and Message components. These components use Python's jinja2.Template (unsandboxed) to render user-supplied templates, allowing any authenticated user to execute arbitrary operating system commands on the server.

At time of publication, there are no publicly available patches.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-94 Code Injection
CWE-78 OS Command Injection
CWE-1336 Template Injection
CWE-20 Improper Input Validation

References 1

https://github.com/infiniflow/ragflow/security/advisories/GHSA-vvwj-fvwh-4whx
security-advisories@github.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-40260

Python

6.9

CVE-2026-40947

Python

2.9

CVE-2026-40192

Python

8.7

CVE-2026-40683

Python

7.7

CVE-2026-5713

Python

5.3