VYPR
Medium severity6.5OSV Advisory· Published Jul 2, 2025· Updated Jun 17, 2026

CVE-2025-53358

CVE-2025-53358

Description

kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the index_fn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to traverse directories (e.g. ../../../../../.env) and exfiltrate sensitive files. This issue has been patched via commit 37cdc28, in version 0.10.7 which has not been made public at time of publication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Cinnamon/KotaemonOSV2 versions
    v0.0.0, v0.1.0, v0.10.0, …+ 1 more
    • (no CPE)range: v0.0.0, v0.1.0, v0.10.0, …
    • (no CPE)range: <=0.10.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.