CVE-2025-48187 — RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and p — CVE Database · The Intelligence Room