CVE-2025-45691

high

Red Hat

CVSS v3 Base Score

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Published: March 5, 2026

Last Modified: March 5, 2026

Vendor: Red Hat

Description

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs.

CWE

CWE-918

Affected Products

Red Hat OpenShift AI (RHOAI)

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 adithyanak.com 🔗 github.com

CVE-2025-45691

Vulnerability Report

Description

CWE

Affected Products

References