What is the CVSS score of CVE-2025-45691?

CVE-2025-45691 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.1%.

Which versions of AI / ML are affected by CVE-2025-45691?

An arbitrary file read vulnerability in RAGAS v0.2.3-0.2.14 allows attackers to access sensitive files on systems running affected versions through maliciously crafted URL inputs.. A patch is available.

Is there a public PoC exploit available for CVE-2025-45691?

Yes, a public proof-of-concept exploit is available for CVE-2025-45691. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-45691?

Within 24 hours: Identify all systems running RAGAS versions 0.2.3 through 0.2.14 and isolate them from production if possible; disable multimodal input processing or the retrieved_contexts parameter if business logic permits. Within 7 days: Implement input validation and sanitization controls to reject suspicious URL patterns; establish monitoring for unusual file access patterns on affected systems. Within 30 days: Upgrade to RAGAS v0.2.15 or later once the patch is released; conduct forensic review of access logs to detect potential exploitation.

AI / ML CVE-2025-45691

HIGH

Path Traversal (CWE-22)

2026-03-05 cve@mitre.org

GHSA-v2xr-wvrv-p969

Path Traversal AI / ML Ragas Red Hat

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Red Hat

7.5 HIGH

qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

PoC Detected

Mar 10, 2026 - 19:38 vuln.today

Public exploit code

CVE Published

Mar 05, 2026 - 19:16 nvd

HIGH 7.5

DescriptionCVE.org

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs.

AnalysisAI

Technical ContextAI

Classified as CWE-22 (Path Traversal). Affects the retrieved_contexts component of Ragas. An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs.

RemediationAI

Monitor vendor advisories for a patch. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.

Vendor StatusVendor

CVE-2025-45691 vulnerability details – vuln.today

Back

AI / ML CVE-2025-45691

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Vendor StatusVendor

Share

External POC / Exploit Code