CRITICAL
infiniflow
CVE published 2026-05-29
CVE-2026-45312
A critical server-side template injection (SSTI) vulnerability in RAGFlow's prompt generator enables authenticated remote code execution. The flaw resides in rag/prompts/generator.py where Jinja2 template rendering processes attacker-controlled input without sufficient sandboxing. Any authenticated user—including self-registered accounts—can exploit this by crafting a Canvas workflow that chains DuckDuckG [truncated]
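An added illustration of the vulnerability class described above, not code from RAGFlow or from the advisory: the unsafe pattern (user-controlled text compiled as the Jinja2 template) beside the hardened one (a developer-owned template rendered in an immutable sandbox with the user text bound as data). `PROMPT_TEMPLATE`, the function names and the sample input are assumptions.

```python
"""Vulnerable versus hardened Jinja2 prompt rendering (hypothetical names,
not RAGFlow's implementation)."""
from jinja2 import Environment
from jinja2.sandbox import ImmutableSandboxedEnvironment

# Template owned by the application; only this string is ever parsed as Jinja2.
PROMPT_TEMPLATE = "You are a helpful assistant.\n\nUser request:\n{{ user_text }}"

# Constructed sample input: a benign arithmetic expression in Jinja2 syntax.
# A renderer that treats user text as a template evaluates it to 1337.
SAMPLE_INPUT = "Summarise this: {{ 7 * 191 }}"


def render_unsafe(user_text: str) -> str:
    """Vulnerable pattern: the user's text *is* the template, so any
    Jinja2 expression or statement inside it is executed by the engine."""
    return Environment().from_string(user_text).render()


def render_safe(user_text: str) -> str:
    """Hardened pattern: a fixed template is compiled in an immutable sandbox
    (unsafe attribute access raises SecurityError) and the user's text is bound
    as a variable, so it is never parsed and its braces are output literally."""
    env = ImmutableSandboxedEnvironment(autoescape=False)
    template = env.from_string(PROMPT_TEMPLATE)
    return template.render(user_text=user_text)


def template_syntax_present(text: str) -> bool:
    """Detection helper for logging or alerting: flags user-controlled fields
    that carry Jinja2 delimiters, which a normal prompt should not contain."""
    return any(marker in text for marker in ("{{", "{%", "{#"))


if __name__ == "__main__":
    print("unsafe :", render_unsafe(SAMPLE_INPUT))
    print("safe   :", render_safe(SAMPLE_INPUT))
    print("flagged:", template_syntax_present(SAMPLE_INPUT))
```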