101 matches found
PYSEC-2026-1559 LlamaIndex vulnerable to DoS attack through uncontrolled recursive JSON parsing
The JSONReader in run-llama/llamaindex versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service DoS by submitting deeply nested JSON structures, leading to a RecursionError and crashing...
PYSEC-2026-1566 LlamaIndex vulnerable to data loss through hash collisions in its DocugamiReader class
A vulnerability in the DocugamiReader class of the run-llama/llamaindex repository, up to but excluding version 0.12.41, involves the use of MD5 hashing to generate IDs for document chunks. This approach leads to hash collisions when structurally distinct chunks contain identical text, resulting ...
PYSEC-2026-1568 LlamaIndex is vulnerable to Path Traversal attack through its ObsidianReader class
A vulnerability in the ObsidianReader class in LlamaIndex Readers Integration: Obsidian before version 0.5.1 from the run-llama/llamaindex repository versions 0.12.23 to 0.12.28 allows for arbitrary file read through symbolic links. The ObsidianReader fails to resolve symlinks to their real paths...
PYSEC-2026-1564 LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component
Incomplete Documentation of Program Execution exists in the run-llama/llamaindex library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer...
PYSEC-2026-395 LlamaIndex includes an exec call for `import {cls_name}`
An issue was discovered in llamaindex before 0.10.38. download/integration.py includes an exec call for import clsname...
From Storage to Steering: Memory Control Flow Attacks on LLM Agents
Modern agentic systems allow Large Language Model LLM agents to tackle complex tasks through extensive tool usage, forming structured control flows of tool selection and execution. Existing security analyses often treat these control flows as ephemeral, one-off sessions, overlooking the persisten...
LlamaIndex 资源管理错误漏洞
LlamaIndex is a data framework for an LLM application developed by LlamaIndex. Version 0.12.23 of LlamaIndex contains a vulnerability related to resource management. This vulnerability stems from a resource management flaw in the SimpleDirectoryReader component, which may lead to memory exhaustio...
CVE-2024-58339
LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...
PYSEC-2026-86
LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...
PYSEC-2026-86
LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...
PYSEC-2026-85
LlamaIndex run-llama/llamaindex versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load to deserialize multiembedstore.pkl from a user-supplied persistdir without...
CVE-2024-14021
LlamaIndex run-llama/llamaindex versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load to deserialize multiembedstore.pkl from a user-supplied persistdir without...
CVE-2024-14021 LlamaIndex <= 0.11.6 BGEM3Index Unsafe Deserialization
LlamaIndex run-llama/llamaindex versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load to deserialize multiembedstore.pkl from a user-supplied persistdir without...
CVE-2024-14021 LlamaIndex <= 0.11.6 BGEM3Index Unsafe Deserialization
LlamaIndex run-llama/llamaindex versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load to deserialize multiembedstore.pkl from a user-supplied persistdir without...
CVE-2024-14021 LlamaIndex <= 0.11.6 BGEM3Index Unsafe Deserialization
LlamaIndex run-llama/llamaindex versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load to deserialize multiembedstore.pkl from a user-supplied persistdir without...
CVE-2024-14021
Summary: CVE-2024-14021 affects LlamaIndex up to 0.11.6, where BGEM3Index.load_from_disk() deserializes multi_embed_store.pkl from a user-supplied persist_dir using pickle.load() without validation, enabling arbitrary code execution when the index is loaded from disk. This is reported across mult...
CVE-2024-58339
Summary: CVE-2024-58339 affects LlamaIndex up to 0.12.2, due to an uncontrolled resource‑consumption path in the VannaQueryEngine. The vulnerable code is in llama_index/packs/vanna/base.py, inside custom_query(), where SQL is generated from a user‑supplied prompt and executed via vn.run_sql() wit...
CVE-2024-58339 LlamaIndex <= 0.12.2 VannaQueryEngine SQL Execution Allows Resource Exhaustion
LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...
Malicious Package
Overview llamaindex-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in llamaindex-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1049a24d3b448f16e3c35acfe33ee0f28346e3a3e4908d0a033e58b0758bf4ef The package llamaindex-js was found to contain malicious code. Source: ghsa-malware 7f3515bafa1614c3bea7c792295bd9574fdf82e263b87963b347e4f082d0dc3f...