Unrated severity · OSV Advisory · Published Dec 31, 2025 · Updated Jan 2, 2026
RAGFlow has Predictable Token Generation Leading to Authentication Bypass Vulnerability
CVE-2025-69286
Description
RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions prior to 0.22.0, the use of an insecure key generation algorithm in the API key and beta (assistant/agent share auth) token generation process allows these tokens to be mutually derivable. Specifically, both tokens are generated using the same URLSafeTimedSerializer with predictable inputs, enabling an unauthorized user who obtains the shared assistant/agent URL to derive the personal API key. This grants them full control over the assistant/agent owner's account. Version 0.22.0 fixes the issue.
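The flaw class the description names, credentials for two different trust levels minted from the same serializer and predictable inputs, contrasted with an independent-random-token design. This is an added illustration, not RAGFlow's code, and it does not reproduce the project's actual token logic or its 0.22.0 fix; the `ak_`/`sh_` prefixes, the pepper and the in-memory store are constructed for the example.

```python
# Added example (not RAGFlow's code): a deterministic token scheme, where every
# credential is a pure function of inputs an attacker may already know, next to
# a scheme where each credential is fresh CSPRNG output and reveals nothing
# about any other credential of the same account.
import hashlib
import hmac
import secrets


def predictable_token(tenant_id: str, purpose: str) -> str:
    """Weak pattern: no server secret, so the token is recomputable by anyone
    who knows tenant_id, e.g. because it appears in a shared assistant URL."""
    return hashlib.sha256(f"{tenant_id}:{purpose}".encode()).hexdigest()


class CredentialStore:
    """Hardened pattern: each credential is independent random data, the server
    keeps only a keyed hash, and each purpose has its own lookup table."""

    def __init__(self, pepper: bytes) -> None:
        self._pepper = pepper  # server-side secret (constructed here), never user-derived
        self._api_keys: dict[str, str] = {}  # fingerprint -> owner id
        self._share_tokens: dict[str, tuple[str, str]] = {}  # fingerprint -> (owner, assistant)

    def _fingerprint(self, token: str) -> str:
        # Keyed hash so a leaked store cannot be reversed into usable tokens.
        return hmac.new(self._pepper, token.encode(), hashlib.sha256).hexdigest()

    def issue_api_key(self, owner_id: str) -> str:
        token = "ak_" + secrets.token_urlsafe(32)  # prefix is a constructed convention
        self._api_keys[self._fingerprint(token)] = owner_id
        return token

    def issue_share_token(self, owner_id: str, assistant_id: str) -> str:
        token = "sh_" + secrets.token_urlsafe(32)
        self._share_tokens[self._fingerprint(token)] = (owner_id, assistant_id)
        return token

    def owner_for_api_key(self, token: str):
        # A share token is never accepted here: it lives in a different table
        # and shares no key material with the owner's API key.
        return self._api_keys.get(self._fingerprint(token))

    def assistant_for_share_token(self, token: str):
        return self._share_tokens.get(self._fingerprint(token))
```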
Affected products
- Range: v0.1.0, v0.10.0, v0.11.0, …
Patches
No patches discovered yet.
References
- github.com/infiniflow/ragflow/blob/v0.20.5/api/apps/system_app.py (MISC)
- github.com/infiniflow/ragflow/blob/v0.20.5/api/utils/__init__.py (MISC)
- github.com/infiniflow/ragflow/blob/v0.20.5/api/utils/api_utils.py (MISC)
- github.com/infiniflow/ragflow/commit/a3bb4aadcc3494fb27f2a9933b4c46df8eb532e6 (MISC)
- github.com/infiniflow/ragflow/security/advisories/GHSA-9j5g-g4xm-57w7 (CONFIRM)