CVE-2025-6853 | chatchat-space Langchain-Chatchat up to 0.3.1 Backend upload_temp_docs flag path traversal (Issue 5352)

Inserito da Angelo Barbosa | Giu 28, 2025 | CVE

A vulnerability classified as critical has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This affects the function upload_temp_docs of the file /knowledge_base/upload_temp_docs of the component Backend. The manipulation of the argument flag leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-6853. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-6853 | chatchat-space Langchain-Chatchat up to 0.3.1 Backend upload_temp_docs flag path traversal (Issue 5352)

Post correlati

CVE-2024-12167 | Shortcodes Blocks Creator Ultimate Plugin up to 2.2.0 on WordPress Shortcode _wpnonce cross site scripting

CVE-2024-47604 | NuGet Gallery up to 2024.09.25 HTML Element HTML injection

CVE-2024-4289 | Sailthru Triggermail Plugin up to 1.1 on WordPress cross site scripting

CVE-2025-5985 | code-projects School Fees Payment System 1.0 improper authentication