Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20218

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00281EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.6 views

The vulnerability of the ArxivReader framework for working with Large Language Models (LLMs) like LlamaIndex allows attackers to compromise the integrity of protected information.

The vulnerability of the ArxivReader framework for working with Large Language Models LLMs like LlamaIndex is related to a violation of expected behavior. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

5.3CVSS5.9AI score0.00281EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/07/07 12:30 p.m.5 views

GHSA-P7J4-JWJF-5X9W LlamaIndex vulnerability in ArxivReader class can cause MD5 hash collisions

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each other, preventing some papers from...

5.3CVSS5AI score0.00281EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/07/07 12:30 p.m.12 views

LlamaIndex vulnerability in ArxivReader class can cause MD5 hash collisions

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each other, preventing some papers from...

5.3CVSS5AI score0.00281EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2025/07/07 10:44 a.m.4 views

Expected Behavior Violation

Overview llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Expected Behavior Violation via the ArxivReader process. An attacker can cause data loss by uploading papers with identical titles but different contents, resulting in one paper...

6.9CVSS7AI score0.00281EPSS
Exploits1References2
NVD
NVD
added 2025/07/07 10:15 a.m.7 views

CVE-2025-3044

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...

5.3CVSS0.00281EPSS
Exploits1References2
OSV
OSV
added 2025/07/07 10:15 a.m.4 views

CVE-2025-3044

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...

5.3CVSS5AI score
Exploits0References2
Cvelist
Cvelist
added 2025/07/07 9:54 a.m.9 views

CVE-2025-3044 MD5 Hash Collision in run-llama/llama_index

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...

5.3CVSS0.00281EPSS
Exploits1References2
CVE
CVE
added 2025/07/07 9:54 a.m.20 views

CVE-2025-3044

The CVE-2025-3044 affects the ArxivReader class in the llama_index project. Versions up to v0.12.22.post1 are vulnerable to MD5 hash collisions when generating filenames for downloaded papers, which can cause papers with identical titles but different contents to overwrite each other, leading to ...

5.3CVSS5.1AI score0.00281EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/07 9:54 a.m.4 views

CVE-2025-3044 MD5 Hash Collision in run-llama/llama_index

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...

5.3CVSS7AI score0.00281EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.8 views

PT-2025-28148 · Unknown · Llama Index

Name of the Vulnerable Software and Affected Versions: llama index versions up to v0.12.22.post1 Description: A vulnerability in the ArxivReader class allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but...

5.3CVSS5AI score0.00281EPSS
Exploits1References11
Huntr
Huntr
added 2025/03/07 1:35 p.m.5 views

MD5 Hash Collision Causes Overwriting of Papers with the Same Title, Leading to Data Loss

Description The ArxivReader class in LlamaIndex is responsible for searching for papers on ArXiv, downloading them, and processing them for AI model training. The workflow of ArxivReader is as follows: 1. The user searches for a specific topic on ArXiv, retrieving a list of relevant papers. impor...

5.3CVSS6.6AI score0.00281EPSS
Exploits1
Rows per page
Query Builder