LFI stands for "Local File Inclusion." It refers to a type of vulnerability in web applications that allows an attacker to include or read files on the server. LFI vulnerabilities occur when an application accepts user input without properly sanitizing or validating it and uses that input to retrieve files from the local file system.