{"uuid": "5aca9b73-a8c4-4725-9c11-b9ed002aa8ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24770", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/2514", "content": "\ud83d\udea8 CVE-2026-24770: RAGFlow RCE (Zip Slip) Weaponized PoC\n\nCritical unauthenticated RCE in RAGFlow\u2019s MinerUParser\u2014attackers can execute arbitrary commands. 3,000+ instances are currently exposed.\n\n\ud83d\udd0d Identify Targets via ZoomEye:\n\nFilter: vul.cve=\"CVE-2026-24770\"\n\nDork: app=\"RAGFlow\" \ud83d\udc49 ZoomEye Search Link https://www.zoomeye.ai/searchResult?q=dnVsLmN2ZT0iQ1ZFLTIwMjYtMjQ3NzAi&amp;utm_source=twitter&amp;utm_medium=social&amp;utm_campaign=cve_ops_20260209", "creation_timestamp": "2026-07-11T10:00:05.332434Z"}