CVE Catalog

CVE-2026-58579

MediumCVSS 5.4
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

An XSS vulnerability in RAGFlow before 0.26.3 allows an authenticated user to inject arbitrary JavaScript via the agent pipeline (DSL) node name. The code executes in the session of another workspace member who opens the dataflow result and clicks the rerun button.

Risk Assessment

An attacker can steal sessions and tokens of other users, leading to account takeover and unauthorized access to organizational data.

Recommendation

Upgrade RAGFlow to version 0.26.3 or later immediately and check for signs of exploitation in the production environment.

Original NVD description (English source)

RAGFlow before 0.26.3 stores an agent pipeline (DSL) node name without sanitization: the agent update endpoint normalizes the submitted DSL via normalize_dsl, which only performs JSON serialization validation and preserves the node name verbatim. The dataflow-result web UI then renders that name into the "Rerun from current step" confirmation modal via dangerouslySetInnerHTML, and the i18next configuration sets escapeValue:false, so the value is inserted into the DOM without HTML encoding. An authenticated workspace user who can create or edit an agent can inject arbitrary JavaScript that executes in the session of another workspace member who opens the dataflow result and clicks rerun, enabling session/token theft and account takeover across the user trust boundary.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS