Lucene search
+L

8 matches found

osv
osv
added 2026/07/07 4:3 p.m.7 views

PYSEC-2026-1560 llama-index-core vulnerable to Uncontrolled Resource Consumption

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

5.3CVSS6.2AI score0.0037EPSS
Exploits0References6
veracode
veracode
added 2026/02/05 9:30 a.m.7 views

Denial-of-Service (DoS)

llamaindex.core is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to uncontrolled memory consumption in SimpleDirectoryReader, where all files in a directory are loaded into memory before enforcing the numfileslimit, allowing large directories to exhaust memory and degrade or cra...

5.3CVSS5.5AI score0.0037EPSS
Exploits0References3Affected Software1
snyk
snyk
added 2026/02/02 1:58 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the SimpleDirectoryReader class readers/file/base.py. The configured numfileslimit is respected, but enforced after all...

6.9CVSS5.5AI score0.0037EPSS
Exploits0References2
nvd
nvd
added 2026/02/02 11:16 a.m.7 views

CVE-2025-6208

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

5.3CVSS0.0037EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/02 10:36 a.m.2 views

CVE-2025-6208 Uncontrolled Memory Consumption in run-llama/llama_index

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

5.3CVSS5.4AI score0.0037EPSS
Exploits0References2
cvelist
cvelist
added 2026/02/02 10:36 a.m.32 views

CVE-2025-6208 Uncontrolled Memory Consumption in run-llama/llama_index

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

5.3CVSS0.0037EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/02/02 10:36 a.m.4 views

CVE-2025-6208

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

5.3CVSS5.4AI score0.0037EPSS
Exploits0References3
cve
cve
added 2026/02/02 10:36 a.m.17 views

CVE-2025-6208

The CVE-2025-6208 issue affects llama_index.core, specifically the SimpleDirectoryReader class, where the configured num_files_limit is enforced after all files in a directory are loaded into memory. This causes uncontrolled memory consumption and potential DoS in resource-constrained environment...

5.3CVSS5.4AI score0.0037EPSS
Exploits0References2
Rows per page
Query Builder