Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-16322

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00112EPSS
Exploits1References3
Veracode
Veracodeadded 2025/05/29 11:11 a.m.4 views

OS Command Injection

LLama-Index CLI is vulnerable to OS Command Injection. The vulnerability is due to improper input handling due to unsanitized use of the --files argument passed directly into os.system, allowing arbitrary command execution...

7.8CVSS7.1AI score0.00112EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2025/05/28 10:15 a.m.11 views

CVE-2025-1753

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...

7.8CVSS0.00112EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/05/28 9:34 a.m.13 views

CVE-2025-1753 Command Injection in LLama-Index CLI in run-llama/llama_index

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...

7.8CVSS8.2AI score0.00112EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/05/28 9:34 a.m.19 views

CVE-2025-1753 Command Injection in LLama-Index CLI in run-llama/llama_index

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...

7.8CVSS0.00112EPSS
Exploits1References2
Snyk
Snykadded 2025/05/28 9:34 a.m.3 views

Command Injection

Overview llama-index-cli is a llama-index cli Affected versions of this package are vulnerable to Command Injection through the CLI interface due to pasting the --files argument directly into os.system. An attacker who controls the content of this argument can execute arbitrary commands on the...

8.5CVSS7.9AI score0.00112EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/05/28 12:0 a.m.3 views

PT-2025-23074 · Unknown · Llama-Index Cli

Name of the Vulnerable Software and Affected Versions: LLama-Index CLI version v0.12.20 Description: The LLama-Index CLI contains an OS command injection issue due to the improper handling of the --files argument, which is directly passed into os.system. This allows an attacker who controls the...

7.8CVSS8.1AI score0.00112EPSS
Exploits1References12
Huntr
Huntradded 2025/02/27 9:33 a.m.6 views

Command injection in LLama-Index CLI

Description There is an OS command injection vulnerability in the LLama-Index CLI. Because of pasting the --files argument directly into os.system, an attacker who controls the content of this argument can inject shell commands. The vulnerability was marked as "Local" in the CVSS rating because t...

7.8CVSS8.7AI score0.00112EPSS
Exploits1
Rows per page
Query Builder