CVE-2025-6855 | chatchat-space Langchain-Chatchat up to 0.3.1 /v1/file flag path traversal (Issue 5354)

Inserito da Angelo Barbosa | Giu 28, 2025 | CVE

A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal.

The identification of this vulnerability is CVE-2025-6855. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

CVE-2025-6855 | chatchat-space Langchain-Chatchat up to 0.3.1 /v1/file flag path traversal (Issue 5354)

Post correlati

CVE-2024-27088 | medikoo es5-ext up to 0.10.62 function#copy/function#toStringTokens redos (ID 201)

CVE-2024-53940 | Victure RX1800 WiFi 6 Router EN_V1.0.0_r12_110933 Ping Utility /cgi-bin/luci/admin command injection

CVE-2024-28090 | Technicolor TC8715D 01.EF.04.38.00-180405-S-FF9-D dyn_dns.asp User name cross site scripting

CVE-2022-49476 | Linux Kernel up to 5.17.13/5.18.2 mt7921_pci_remove null pointer dereference