CVE-2026-28797
RAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" Component
| Metric | Value |
| --- | --- |
| CVSS Score | 8.8 |
| EPSS Score | 0.1% |
| EPSS Percentile | 26th |
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior, a Server-Side Template Injection (SSTI) vulnerability exists in the Text Processing (StringTransform) and Message components of RAGFlow's Agent workflow. These components render user-supplied templates with Python's jinja2.Template, which is not sandboxed, so any authenticated user can execute arbitrary operating system commands on the server. At the time of publication, no patch was publicly available.
| Field | Value |
| --- | --- |
| CWE | CWE-20, CWE-78, CWE-94, CWE-1336 |
| Vendor | infiniflow |
| Product | ragflow |
| Published | Apr 3, 2026 |
| Last Updated | Apr 6, 2026 |
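The unsandboxed jinja2.Template pattern the advisory describes, beside the sandboxed rendering a defender would substitute for workflow templates written by authenticated users. This is an added illustration, not RAGFlow's code; the template strings and rendering context are constructed, and it assumes jinja2 is installed.

```python
# Added example, not RAGFlow code: the unsafe pattern from the advisory next to a
# sandboxed replacement. Assumes jinja2 is installed; templates and context are constructed.
try:
    from jinja2 import Template                      # unsandboxed, as in the advisory
    from jinja2.sandbox import ImmutableSandboxedEnvironment, SecurityError
    JINJA2_AVAILABLE = True
except ImportError:                                  # report instead of failing at import
    JINJA2_AVAILABLE = False

# Constructed: a template a workflow author legitimately writes.
BENIGN_TEMPLATE = "Hello {{ user.name | upper }}, you have {{ items | length }} items."
# Constructed: walks into Python internals through dunder attributes. Harmless as
# written (it only yields a type name), but it is exactly the access the sandbox must refuse.
DUNDER_TEMPLATE = "{{ user.name.__class__.__name__ }}"
# Constructed rendering context standing in for the workflow's variables.
CONTEXT = {"user": {"name": "alice"}, "items": ["a", "b", "c"]}


def _require_jinja2() -> None:
    if not JINJA2_AVAILABLE:
        raise RuntimeError("jinja2 is required for this example")


def render_unsandboxed(template_src: str, ctx: dict) -> str:
    """Vulnerable pattern: a bare jinja2.Template executes whatever the template
    author wrote, including attribute walks into the interpreter."""
    _require_jinja2()
    return Template(template_src).render(**ctx)


def render_sandboxed(template_src: str, ctx: dict) -> str:
    """Hardened pattern: ImmutableSandboxedEnvironment refuses underscore-prefixed
    and other unsafe attributes and blocks container mutation, raising SecurityError
    when a template tries. Ordinary variables and filters keep working."""
    _require_jinja2()
    env = ImmutableSandboxedEnvironment()
    return env.from_string(template_src).render(**ctx)


def is_rejected_by_sandbox(template_src: str, ctx: dict) -> bool:
    """True when the sandbox refuses the template; usable as a pre-flight check
    (and a log-worthy event) before a workflow is saved or run."""
    _require_jinja2()
    try:
        render_sandboxed(template_src, ctx)
    except SecurityError:
        return True
    return False
```

The sandbox closes the attribute-walk route the advisory describes but does not bound CPU or memory, so templates from workflow authors should still be rendered under a timeout and treated as untrusted input.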
Affected Versions
| Product | Versions |
| --- | --- |
| infiniflow / ragflow | <= 0.24.0 |