CVE-2025-6210 Hardlink-Based Path Traversal in run-llama/llama_index

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. T...

LlamaIndex 路径遍历漏洞

LlamaIndex is a data framework for LLM applications in the LlamaIndex open source. A path traversal vulnerability exists in LlamaIndex version 0.12.27, which stems from improper handling of hard links in the ObsidianReader class, which could lead to a path traversal attack...