HIGH
Vibrantlabsai
CVE published 2026-03-05
CVE-2025-45691
CVE-2025-45691 is an Arbitrary File Read vulnerability in the ImageTextPromptValue class of Exploding Gradients RAGAS versions 0.2.3 through 0.2.14. This vulnerability arises from inadequate validation and sanitization of URLs provided in the retrieved_contexts parameter when handling multimodal inputs. The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. The CVE was published on [truncated]