PatchSiren

Vibrantlabsai CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Vibrantlabsai CVE published 2026-03-05

CVE-2025-45691

CVE-2025-45691 is an Arbitrary File Read vulnerability in the ImageTextPromptValue class of Exploding Gradients RAGAS versions 0.2.3 through 0.2.14. This vulnerability arises from inadequate validation and sanitization of URLs provided in the retrieved_contexts parameter when handling multimodal inputs. The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. The CVE was published on [truncated]