Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/llama-index@0.8.63.post2

Type pypi

Namespace

Name llama-index

Version 0.8.63.post2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 0.13.0

Latest_non_vulnerable_version 0.13.0

Affected_by_vulnerabilities

url VCID-42vx-wn51-qyhn

vulnerability_id VCID-42vx-wn51-qyhn

summary A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12909

reference_id

reference_type

scores

value	0.0413
scoring_system	epss
scoring_elements	0.88891
published_at	2026-06-11T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88929
published_at	2026-06-12T12:55:00Z

value	0.0413
scoring_system	epss
scoring_elements	0.88935
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12909

reference_url

https://github.com/run-llama/llama_index/tree/stale_packages/llama-index-packs/llama-index-packs-finchat

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/run-llama/llama_index/tree/stale_packages/llama-index-packs/llama-index-packs-finchat

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-12909

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-12909

reference_url

https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f

reference_id

44e8177f-200a-4ba3-a12c-8bc21e313a3f

reference_type

scores

value	10
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:51:29Z/

url

https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f

reference_url

https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75

reference_id

5d03c175476452db9b8abcdb7d5767dd7b310a75

reference_type

scores

value	10
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:51:29Z/

url

https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75

reference_url

https://github.com/advisories/GHSA-x48g-hm9c-ww42

reference_id

GHSA-x48g-hm9c-ww42

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-x48g-hm9c-ww42

fixed_packages

url pkg:pypi/llama-index@0.12.4

purl pkg:pypi/llama-index@0.12.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-uxre-3rx7-1ffw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.4

aliases CVE-2024-12909, GHSA-x48g-hm9c-ww42

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42vx-wn51-qyhn

url VCID-4gnz-yvuj-j7b9

vulnerability_id VCID-4gnz-yvuj-j7b9

summary LlamaIndex (run-llama/llama_index) versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The custom_query() logic generates SQL statements from a user-supplied prompt and executes them via vn.run_sql() without enforcing query execution limits In downstream deployments where untrusted users can supply prompts, an attacker can trigger expensive or unbounded SQL operations that exhaust CPU or memory resources, resulting in a denial-of-service condition. The vulnerable execution path occurs in llama_index/packs/vanna/base.py within custom_query().

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-58339

reference_id

reference_type

scores

value	0.00144
scoring_system	epss
scoring_elements	0.3444
published_at	2026-06-11T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34621
published_at	2026-06-14T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34641
published_at	2026-06-13T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34617
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-58339

reference_url

https://huntr.com/bounties/a1d6c30d-fce0-412a-bd22-14e0d4c1fa1f

reference_id

a1d6c30d-fce0-412a-bd22-14e0d4c1fa1f

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T17:18:23Z/

url

https://huntr.com/bounties/a1d6c30d-fce0-412a-bd22-14e0d4c1fa1f

reference_url

https://github.com/run-llama/llama_index

reference_id

llama_index

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T17:18:23Z/

url

https://github.com/run-llama/llama_index

reference_url

https://www.vulncheck.com/advisories/llamaindex-vannaqueryengine-sql-execution-allows-resource-exhaustion

reference_id

llamaindex-vannaqueryengine-sql-execution-allows-resource-exhaustion

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T17:18:23Z/

url

https://www.vulncheck.com/advisories/llamaindex-vannaqueryengine-sql-execution-allows-resource-exhaustion

reference_url

https://www.llamaindex.ai/

reference_id

www.llamaindex.ai

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T17:18:23Z/

url

https://www.llamaindex.ai/

fixed_packages

url pkg:pypi/llama-index@0.12.3

purl pkg:pypi/llama-index@0.12.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42vx-wn51-qyhn

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-uxre-3rx7-1ffw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.3

aliases CVE-2024-58339, PYSEC-2026-86

risk_score 3.9

exploitability 0.5

weighted_severity 7.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4gnz-yvuj-j7b9

url VCID-52ev-rnu6-2bd2

vulnerability_id VCID-52ev-rnu6-2bd2

summary LlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via the Text-to-SQL feature in NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQueryEngine, and PGVectorSQLQueryEngine. For example, an attacker might be able to delete this year's student records via "Drop the Students table" within English language input.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-23751

reference_id

reference_type

scores

value	0.00213
scoring_system	epss
scoring_elements	0.44121
published_at	2026-06-12T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.44127
published_at	2026-06-14T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43967
published_at	2026-06-11T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.44139
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-23751

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-12.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-12.yaml

reference_url

https://github.com/run-llama/llama_index/issues/9957

reference_id

9957

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-22T18:43:51Z/

url

https://github.com/run-llama/llama_index/issues/9957

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-23751

reference_id

CVE-2024-23751

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-23751

reference_url

https://github.com/advisories/GHSA-2jxw-4hm4-6w87

reference_id

GHSA-2jxw-4hm4-6w87

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2jxw-4hm4-6w87

fixed_packages

url pkg:pypi/llama-index@0.9.35

purl pkg:pypi/llama-index@0.9.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42vx-wn51-qyhn

vulnerability	VCID-4gnz-yvuj-j7b9

vulnerability	VCID-52ev-rnu6-2bd2

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-m1xa-bext-83bg

vulnerability	VCID-n88g-cwbj-hfgc

vulnerability	VCID-uxre-3rx7-1ffw

vulnerability	VCID-y5h5-cjme-jkf6

vulnerability	VCID-z131-hxnn-nyax

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.9.35

aliases CVE-2024-23751, GHSA-2jxw-4hm4-6w87, PYSEC-2024-12

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-52ev-rnu6-2bd2

url VCID-ceq2-zgaf-4khp

vulnerability_id VCID-ceq2-zgaf-4khp

summary The llama_index library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, data tampering, or privilege escalation. The vulnerability arises from the use of a shared cache directory instead of a user-specific one, making it susceptible to local data tampering and denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7707.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7707.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-7707

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.08331
published_at	2026-06-14T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.08333
published_at	2026-06-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.08293
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-7707

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2403577
reference_id	2403577
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2403577

reference_url

https://huntr.com/bounties/3fe2c8ab-6727-4aef-a0ef-4d2818e48803

reference_id

3fe2c8ab-6727-4aef-a0ef-4d2818e48803

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-14T14:32:21Z/

url

https://huntr.com/bounties/3fe2c8ab-6727-4aef-a0ef-4d2818e48803

reference_url

https://github.com/run-llama/llama_index/commit/98816394d57c7f53f847ed7b60725e69d0e7aae4

reference_id

98816394d57c7f53f847ed7b60725e69d0e7aae4

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-14T14:32:21Z/

url

https://github.com/run-llama/llama_index/commit/98816394d57c7f53f847ed7b60725e69d0e7aae4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-7707

reference_id

CVE-2025-7707

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-7707

reference_url

https://github.com/advisories/GHSA-rg9h-vx28-xxp5

reference_id

GHSA-rg9h-vx28-xxp5

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rg9h-vx28-xxp5

fixed_packages

url	pkg:pypi/llama-index@0.13.0
purl	pkg:pypi/llama-index@0.13.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.13.0

aliases CVE-2025-7707, GHSA-rg9h-vx28-xxp5

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ceq2-zgaf-4khp

url VCID-kdxg-cepu-k7c6

vulnerability_id VCID-kdxg-cepu-k7c6

summary Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the llama-index library in a web application.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1793.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1793

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.18283
published_at	2026-06-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18279
published_at	2026-06-14T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18304
published_at	2026-06-13T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18121
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1793

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-1793

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-1793

reference_url

https://github.com/run-llama/llama_index/commit/0008041e8dde8e519621388e5d6f558bde6ef42e

reference_id

0008041e8dde8e519621388e5d6f558bde6ef42e

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-06-05T13:28:44Z/

url

https://github.com/run-llama/llama_index/commit/0008041e8dde8e519621388e5d6f558bde6ef42e

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370381
reference_id	2370381
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370381

reference_url

https://huntr.com/bounties/8cb1555a-9655-4122-b0d6-60059e79183c

reference_id

8cb1555a-9655-4122-b0d6-60059e79183c

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-06-05T13:28:44Z/

url

https://huntr.com/bounties/8cb1555a-9655-4122-b0d6-60059e79183c

reference_url

https://github.com/advisories/GHSA-v3c8-3pr6-gr7p

reference_id

GHSA-v3c8-3pr6-gr7p

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v3c8-3pr6-gr7p

fixed_packages

url pkg:pypi/llama-index@0.12.28

purl pkg:pypi/llama-index@0.12.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9nry-wte8-3fbf

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kuwz-n7tn-v3f6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.28

aliases CVE-2025-1793, GHSA-v3c8-3pr6-gr7p

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdxg-cepu-k7c6

url VCID-kef8-9x8x-7qbf

vulnerability_id VCID-kef8-9x8x-7qbf

summary A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12704.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12704.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12704

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.58047
published_at	2026-06-14T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.58042
published_at	2026-06-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5793
published_at	2026-06-11T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.58058
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12704

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-12704

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-12704

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2353770
reference_id	2353770
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2353770

reference_url

https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a

reference_id

a0b638fd-21c6-4ba7-b381-6ab98472a02a

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:16Z/

url

https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a

reference_url

https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05

reference_id

d1ecfb77578d089cbe66728f18f635c09aa32a05

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:16Z/

url

https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05

reference_url

https://github.com/advisories/GHSA-j3wr-m6xh-64hg

reference_id

GHSA-j3wr-m6xh-64hg

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-j3wr-m6xh-64hg

fixed_packages

url pkg:pypi/llama-index@0.12.6

purl pkg:pypi/llama-index@0.12.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-uxre-3rx7-1ffw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.6

aliases CVE-2024-12704, GHSA-j3wr-m6xh-64hg

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kef8-9x8x-7qbf

url VCID-kuwz-n7tn-v3f6

vulnerability_id VCID-kuwz-n7tn-v3f6

summary A vulnerability in the DocugamiReader class of the run-llama/llama_index repository, up to version 0.12.28, involves the use of MD5 hashing to generate IDs for document chunks. This approach leads to hash collisions when structurally distinct chunks contain identical text, resulting in one chunk overwriting another. This can cause loss of semantically or legally important document content, breakage of parent-child chunk hierarchies, and inaccurate or hallucinated responses in AI outputs. The issue is resolved in version 0.3.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6211.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6211.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-6211

reference_id

reference_type

scores

value	0.00301
scoring_system	epss
scoring_elements	0.53944
published_at	2026-06-14T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53941
published_at	2026-06-12T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53815
published_at	2026-06-11T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53958
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-6211

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-6211

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-6211

reference_url

https://huntr.com/bounties/1a48a011-a3c5-4979-9ffc-9652280bc389

reference_id

1a48a011-a3c5-4979-9ffc-9652280bc389

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:13:09Z/

url

https://huntr.com/bounties/1a48a011-a3c5-4979-9ffc-9652280bc389

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2379311
reference_id	2379311
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2379311

reference_url

https://github.com/run-llama/llama_index/commit/29b2e07e64ed7d302b1cc058185560b28eaa1352

reference_id

29b2e07e64ed7d302b1cc058185560b28eaa1352

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:13:09Z/

url

https://github.com/run-llama/llama_index/commit/29b2e07e64ed7d302b1cc058185560b28eaa1352

reference_url

https://github.com/advisories/GHSA-5hq9-5r78-2gjh

reference_id

GHSA-5hq9-5r78-2gjh

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5hq9-5r78-2gjh

fixed_packages

url pkg:pypi/llama-index@0.12.41

purl pkg:pypi/llama-index@0.12.41

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ceq2-zgaf-4khp

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.41

aliases CVE-2025-6211, GHSA-5hq9-5r78-2gjh

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwz-n7tn-v3f6

url VCID-m1xa-bext-83bg

vulnerability_id VCID-m1xa-bext-83bg

summary A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12911.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12911.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12911

reference_id

reference_type

scores

value	0.00272
scoring_system	epss
scoring_elements	0.51091
published_at	2026-06-14T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5109
published_at	2026-06-12T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50959
published_at	2026-06-11T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.51103
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12911

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-12911

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-12911

reference_url

https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3

reference_id

095f9e67-311d-494c-99c5-5e61a0adb8f3

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:50:15Z/

url

https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2353719
reference_id	2353719
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2353719

reference_url

https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e

reference_id

bf282074e20e7dafd5e2066137dcd4cd17c3fb9e

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:50:15Z/

url

https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e

reference_url

https://github.com/advisories/GHSA-jmgm-gx32-vp4w

reference_id

GHSA-jmgm-gx32-vp4w

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jmgm-gx32-vp4w

fixed_packages

url pkg:pypi/llama-index@0.12.3

purl pkg:pypi/llama-index@0.12.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42vx-wn51-qyhn

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-uxre-3rx7-1ffw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.3

aliases CVE-2024-12911, GHSA-jmgm-gx32-vp4w

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1xa-bext-83bg

url VCID-n88g-cwbj-hfgc

vulnerability_id VCID-n88g-cwbj-hfgc

summary A command injection vulnerability exists in the RunGptLLM class of the llama_index library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine. This issue was fixed in version 0.10.13. The exploitation of this vulnerability could lead to a hosting provider gaining full control over client machines.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-4181

reference_id

reference_type

scores

value	0.01615
scoring_system	epss
scoring_elements	0.822
published_at	2026-06-11T12:55:00Z

value	0.01615
scoring_system	epss
scoring_elements	0.82264
published_at	2026-06-14T12:55:00Z

value	0.01615
scoring_system	epss
scoring_elements	0.82261
published_at	2026-06-12T12:55:00Z

value	0.01615
scoring_system	epss
scoring_elements	0.8227
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-4181

reference_url

https://huntr.com/bounties/1a204520-598a-434e-b13d-0d34f2a5ddc1

reference_id

1a204520-598a-434e-b13d-0d34f2a5ddc1

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T16:10:22Z/

url

https://huntr.com/bounties/1a204520-598a-434e-b13d-0d34f2a5ddc1

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-4181

reference_id

CVE-2024-4181

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-4181

reference_url

https://github.com/run-llama/llama_index/commit/d73715eaf0642705583e7897c78b9c8dd2d3a7ba

reference_id

d73715eaf0642705583e7897c78b9c8dd2d3a7ba

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T16:10:22Z/

url

https://github.com/run-llama/llama_index/commit/d73715eaf0642705583e7897c78b9c8dd2d3a7ba

reference_url

https://github.com/advisories/GHSA-pw38-xv9x-h8ch

reference_id

GHSA-pw38-xv9x-h8ch

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pw38-xv9x-h8ch

fixed_packages

url pkg:pypi/llama-index@0.10.13

purl pkg:pypi/llama-index@0.10.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42vx-wn51-qyhn

vulnerability	VCID-4gnz-yvuj-j7b9

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-m1xa-bext-83bg

vulnerability	VCID-uxre-3rx7-1ffw

vulnerability	VCID-y5h5-cjme-jkf6

vulnerability	VCID-z131-hxnn-nyax

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.10.13

aliases CVE-2024-4181, GHSA-pw38-xv9x-h8ch

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n88g-cwbj-hfgc

url VCID-uxre-3rx7-1ffw

vulnerability_id VCID-uxre-3rx7-1ffw

summary A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index repository, version latest, allows an attacker to cause a Denial of Service (DoS) by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the `get_article_urls` method, exhausting system resources and potentially crashing the application.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12910.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12910.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12910

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.58047
published_at	2026-06-14T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.58042
published_at	2026-06-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5793
published_at	2026-06-11T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.58058
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12910

reference_url

https://github.com/advisories/GHSA-jvpf-xf32-2w4q

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jvpf-xf32-2w4q

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2025-11.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2025-11.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-12910

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-12910

reference_url

https://github.com/run-llama/llama_index/commit/159ce485a1168100bb219dc1b93133f1121579d9

reference_id

159ce485a1168100bb219dc1b93133f1121579d9

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T13:55:55Z/

url

https://github.com/run-llama/llama_index/commit/159ce485a1168100bb219dc1b93133f1121579d9

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2353537
reference_id	2353537
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2353537

reference_url

https://huntr.com/bounties/27883f22-35ff-49df-aaa5-05031c7d6ad8

reference_id

27883f22-35ff-49df-aaa5-05031c7d6ad8

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T13:55:55Z/

url

https://huntr.com/bounties/27883f22-35ff-49df-aaa5-05031c7d6ad8

fixed_packages

url pkg:pypi/llama-index@0.12.9

purl pkg:pypi/llama-index@0.12.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kuwz-n7tn-v3f6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.12.9

aliases CVE-2024-12910, GHSA-jvpf-xf32-2w4q, PYSEC-2025-11

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uxre-3rx7-1ffw

url VCID-y5h5-cjme-jkf6

vulnerability_id VCID-y5h5-cjme-jkf6

summary LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.load_from_disk() in llama_index/indices/managed/bge_m3/base.py. The function uses pickle.load() to deserialize multi_embed_store.pkl from a user-supplied persist_dir without validation. An attacker who can provide a crafted persist directory containing a malicious pickle file can trigger arbitrary code execution when the victim loads the index from disk.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-14021

reference_id

reference_type

scores

value	0.00131
scoring_system	epss
scoring_elements	0.32251
published_at	2026-06-11T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32431
published_at	2026-06-14T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32453
published_at	2026-06-13T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32433
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-14021

reference_url

https://huntr.com/bounties/ab4ceeb4-aa85-4d1c-aaca-4eda1b71fc12

reference_id

ab4ceeb4-aa85-4d1c-aaca-4eda1b71fc12

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-13T16:23:29Z/

url

https://huntr.com/bounties/ab4ceeb4-aa85-4d1c-aaca-4eda1b71fc12

reference_url

https://github.com/run-llama/llama_index

reference_id

llama_index

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-13T16:23:29Z/

url

https://github.com/run-llama/llama_index

reference_url

https://www.vulncheck.com/advisories/llamaindex-bgem3index-unsafe-deserialization

reference_id

llamaindex-bgem3index-unsafe-deserialization

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-13T16:23:29Z/

url

https://www.vulncheck.com/advisories/llamaindex-bgem3index-unsafe-deserialization

reference_url

https://www.llamaindex.ai/

reference_id

www.llamaindex.ai

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-13T16:23:29Z/

url

https://www.llamaindex.ai/

fixed_packages

url pkg:pypi/llama-index@0.11.7

purl pkg:pypi/llama-index@0.11.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42vx-wn51-qyhn

vulnerability	VCID-4gnz-yvuj-j7b9

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-m1xa-bext-83bg

vulnerability	VCID-uxre-3rx7-1ffw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.11.7

aliases CVE-2024-14021, PYSEC-2026-85

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y5h5-cjme-jkf6

url VCID-z131-hxnn-nyax

vulnerability_id VCID-z131-hxnn-nyax

summary An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45201.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45201.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45201

reference_id

reference_type

scores

value	0.00212
scoring_system	epss
scoring_elements	0.43968
published_at	2026-06-14T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.4398
published_at	2026-06-13T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43961
published_at	2026-06-12T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43806
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45201

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-192.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-192.yaml

reference_url

https://github.com/run-llama/llama_index/commit/bd827c30484fa085ec769fa55dc7f2add8006ac8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/run-llama/llama_index/commit/bd827c30484fa085ec769fa55dc7f2add8006ac8

reference_url

https://github.com/run-llama/llama_index/pull/13523

reference_id

13523

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:18:17Z/

url

https://github.com/run-llama/llama_index/pull/13523

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2307415
reference_id	2307415
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2307415

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-45201

reference_id

CVE-2024-45201

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-45201

reference_url

https://github.com/advisories/GHSA-fxc2-8m62-m85x

reference_id

GHSA-fxc2-8m62-m85x

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fxc2-8m62-m85x

reference_url

https://github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38

reference_id

v0.10.37...v0.10.38

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:18:17Z/

url

https://github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38

fixed_packages

url pkg:pypi/llama-index@0.10.38

purl pkg:pypi/llama-index@0.10.38

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42vx-wn51-qyhn

vulnerability	VCID-4gnz-yvuj-j7b9

vulnerability	VCID-ceq2-zgaf-4khp

vulnerability	VCID-kdxg-cepu-k7c6

vulnerability	VCID-kef8-9x8x-7qbf

vulnerability	VCID-kuwz-n7tn-v3f6

vulnerability	VCID-m1xa-bext-83bg

vulnerability	VCID-uxre-3rx7-1ffw

vulnerability	VCID-y5h5-cjme-jkf6

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.10.38

aliases CVE-2024-45201, GHSA-fxc2-8m62-m85x, PYSEC-2024-192

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z131-hxnn-nyax

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index@0.8.63.post2

Package Instance