Home > Vulnerability Database > CVE-2025-69286

Mend.io Vulnerability Database

CVE-2025-69286

Good to know:

Date: December 31, 2025

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecure key generation algorithm in the API key and beta (assistant/agent share auth) token generation process allows these tokens to be mutually derivable. Specifically, both tokens are generated using the same "URLSafeTimedSerializer" with predictable inputs, enabling an unauthorized user who obtains the shared assistant/agent URL to derive the personal API key. This grants them full control over the assistant/agent owner's account. Version 0.22.0 fixes the issue.

Severity Score

9.8

Related Resources (7)

Url: https://github.com/infiniflow/ragflow/security/advisories/GHSA-9j5g-g4xm-57w7

Url: https://github.com/infiniflow/ragflow/blob/v0.20.5/api/apps/system_app.py#L214-L215

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-69286

Url: https://github.com/infiniflow/ragflow/blob/v0.20.5/api/utils/__init__.py#L343

Url: https://github.com/infiniflow/ragflow/blob/v0.20.5/api/utils/api_utils.py#L378

Url: https://github.com/infiniflow/ragflow/commit/a3bb4aadcc3494fb27f2a9933b4c46df8eb532e6

Url: https://www.mend.io/vulnerability-database/CVE-2025-69286

Severity Score

9.8

Weakness Type (CWE)

Generation of Predictable Numbers or Identifiers

CWE-340

Top Fix

Upgrade Version

Upgrade to version https://github.com/infiniflow/ragflow.git - v0.22.0

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-69286

Good to know:

Date: December 31, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?