CVE-2025-69286

CRITICAL
Published Dec 31, 2025 Modified Jan 6, 2026 CWE-340

Description

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecure key generation algorithm in the API key and beta (assistant/agent share auth) token generation process allows these tokens to be mutually derivable. Specifically, both tokens are generated using the same `URLSafeTimedSerializer` with predictable inputs, enabling an unauthorized user who obtains the shared assistant/agent URL to derive the personal API key. This grants them full control over the assistant/agent owner's account. Version 0.22.0 fixes the issue.

CVSS v3.1 Score

9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-340 CWE-340

Affected Products

Vendor Product
infiniflow ragflow

References

Frequently Asked Questions

What is CVE-2025-69286? +
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecure key generation algorithm in the API key and beta (assistant/agent share auth) token generation process allows these tokens to be mutually derivable. Specifically, both tokens are generated using the same `URLSafeTimedSerializer` with predictable inputs, enabling an unauthorized user who obtains the shared assistant/agent URL to derive the personal API key. This grants them full control over the assistant/agent owner's account. Version 0.22.0 fixes the issue. It has a CVSS v3.1 base score of 9.8 (CRITICAL).
How severe is CVE-2025-69286? +
CVE-2025-69286 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.
What products are affected by CVE-2025-69286? +
CVE-2025-69286 affects products from infiniflow, specifically: ragflow. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2025-69286? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2024-47945 9.8

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs …
CVE-2026-40496 9.1

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using …
CVE-2026-5081 9.1

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value …
CVE-2025-40925 9.1

Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with …
CVE-2024-7558 8.7

JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user …
CVE-2025-40920 8.6

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a …

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2025-69286 — free, no signup required.

Start Free Scan