Vulnerabilities > Infiniflow

DATE CVE VULNERABILITY TITLE RISK
2024-10-19 CVE-2024-10131 Command Injection vulnerability in Infiniflow Ragflow 0.11.0
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability.
network
low complexity
infiniflow CWE-77
8.8