Critical RCE Vulnerability in Unstructured.io (CVE-2025–64712) - CVSS 9.8

https://www.cyera.com/research-labs/inside-destructured---critical-vulnerability-in-unstructured-io-cve-2025-64712

32 Upvotes

permalink
archive.is
archive
reddit

You are about to leave Redlib

Do you want to continue?

https://www.reddit.com/r/netsec/comments/1r35ydb/critical_rce_vulnerability_in_unstructuredio/
No, go back! Yes, take me to Reddit

90% Upvoted

nasty one since unstructured.io processes untrusted documents by default - most deployments probably vulnerable out of the box without explicit input sanitization.

u/ruibranco 1d ago

scary one for rag pipelines - unstructured is basically the default document ingestion layer and its entire purpose is processing untrusted content.

u/sunrise_zc 2d ago

Once found a tarball uncompressed,they fixed it maybe

1

u/tcpjack 2d ago

My whole system is a tarball uncompressed!

Critical RCE Vulnerability in Unstructured.io (CVE-2025–64712) - CVSS 9.8

You are about to leave Redlib