Jinja2 Template Injection Vulnerability in RAGFlow Open-Source Engine
CVE-2026-45312

9.9CRITICAL

Key Information:

Vendor: Infiniflow
Status: Ragflow
Vendor: CVE Published:; 29 May 2026

What is CVE-2026-45312?

RAGFlow, an open-source engine focused on Retrieval-Augmented Generation, contains a vulnerability due to improper handling of Jinja2 templates in the prompt generator. Users with authentication can exploit this flaw to execute arbitrary operating system commands on the server. This allows a registered user to create a workflow that incorporates a DuckDuckGo search and LLM component chain, leading to server-side template injection (SSTI). The vulnerability is present in version 0.24.0 and earlier, posing a significant risk to server integrity.

Affected Version(s)

ragflow <= 0.24.0

References

https://github.com/infiniflow/ragflow/security/advisories...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2026
Vulnerability Reserved
May 11, 2026

CVE-2026-45312 Data

JSON

Infiniflow

What is CVE-2026-45312?

Affected Version(s)

References

CVSS V3.1

Timeline