CVE-2026-45312

Name of the Vulnerable Software and Affected Versions RAGFlow versions prior to 0.24.1

Description A Server-Side Template Injection (SSTI) exists in the prompt generator located in rag/prompts/generator.py. This issue allows authenticated users to execute arbitrary operating system commands on the server. An attacker can trigger this by registering a normal account and creating a Canvas workflow utilizing a DuckDuckGo and LLM component chain. SSTI is a vulnerability where an attacker can inject malicious code into a template, which is then executed by the server's template engine.

Recommendations Update to a version later than 0.24.0.