CVE Daily

CVE-2025-21604

LangChain4j-AIDeepin is a Retrieval enhancement generation (RAG) project. Prior ...

Medium CVSS 6.9

Overview

LangChain4j-AIDeepin is a Retrieval enhancement generation (RAG) project. Prior to 3.5.0, LangChain4j-AIDeepin uses MD5 to hash files, which may cause file upload conflicts. This issue is fixed in 3.5.0.

CWE: CWE-328 Published: 2025-01-06T16:15:30.927
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.9 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags