Severity:
CRITICAL RISK
(9.8)
Zip Slip Path Traversal (CWE-22) in RAGFlow MinerU ZIP Extraction
CVE-2026-24770
Published:
Jan 27, 2026
Status:
Received
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Reference Link
Recent Vulnerabilities
CWE-79
(7.6)
Stored Cross-Site Scripting (CWE-79) in DNN Persona Bar Module Friendly Names
Stored Cross-Site Scripting leading to admin session compromise and UI takeover
January 27, 2026
CWE-79
(7.6)
Stored Cross-Site Scripting (CWE-79) in DNN PersonaBar Log Notes
Stored Cross-Site Scripting leading to privilege abuse in the admin UI
January 27, 2026
