CNNVD-202506-3682 Information

CNNVD ID

CNNVD-202506-3682

Related CVE

CVE-2025-6855

• CNNVD Published: 2025-06-29

Description (Chinese)

LangChain-Chatchat是Chatchat-Space开源的一个基于LangChain框架开发的聊天机器人软件。 LangChain-Chatchat 0.3.1及之前版本存在路径遍历漏洞，该漏洞源于对文件/v1/file中参数flag的错误操作导致路径遍历。

Description (English)

LangChain-Chatchat is a chat robot software based on the LangChain framework developed by the Chatchat-Space Open Source. Langchain-Chatchat 0.3.1 and previous versions have path-to-path loopholes, which stem from the error of the argument flag in file/v1/file.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

Chatchat-Space

Published

2025-06-29

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2025-6855 https://nvd.nist.gov/vuln/detail/CVE-2025-6855