Vulnerability Description
kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the index_fn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to traverse directories (e.g. ../../../../../.env) and exfiltrate sensitive files. This issue has been patched via commit 37cdc28, in version 0.10.7 which has not been made public at time of publication.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://github.com/Cinnamon/kotaemon/commit/37cdc28ceb46e505d25221584daf1fe61e26
- https://github.com/Cinnamon/kotaemon/pull/755
- https://github.com/Cinnamon/kotaemon/security/advisories/GHSA-jw4w-xcvf-jq5x
FAQ
What is CVE-2025-53358?
CVE-2025-53358 is a vulnerability with a CVSS score of 6.5 (MEDIUM). kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the index_fn method accepts both URLs and local file paths wit...
How severe is CVE-2025-53358?
CVE-2025-53358 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-53358?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.