llama-index
PyPI · 10 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting llama-index
- CVE-2023-39662 · CRITICAL · CVSS 9.8 · EG 9.8 · ✓ Fixed in 0.7.14 · 2023-08-15
vulnerable: 0.4.10 ... 0.7.9 (136 versions)
An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function.
- CVE-2024-12910 · MEDIUM · CVSS 5.9 · EG 5.9 · ✓ Fixed in 0.12.9 · 2025-03-20
vulnerable: 0.10.0 ... 0.9.9 (430 versions)
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index repository, version latest, allows an attacker to cause a Denial of Service (DoS) by controlling a URL variable to contain the root URL. This leads to infin…
- CVE-2024-14021 · HIGH · CVSS 7.8 · EG 7.8 · ✓ Fixed in 0.11.7 · 2026-01-12
vulnerable: 0.10.0 ... 0.9.9 (404 versions)
LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.load_from_disk() in llama_index/indices/managed/bge_m3/base.py. The function uses pickle.load() to deseria…
- CVE-2024-23751 · CRITICAL · CVSS 9.8 · EG 9.8 · ✓ Fixed in 0.9.35 · 2024-01-22
vulnerable: 0.4.10 ... 0.9.33a6 (309 versions)
LlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via the Text-to-SQL feature in NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQueryEngine, and PGVectorSQLQueryEngine. For example, an attacker…
- CVE-2024-4181 · HIGH · CVSS 8.8 · EG 8.8 · ✓ Fixed in 0.10.13 · 2024-05-16
vulnerable: 0.10.0 ... 0.9.9 (340 versions)
A command injection vulnerability exists in the RunGptLLM class of the llama_index library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper …
- CVE-2024-45201 · HIGH · CVSS 8.8 · EG 8.8 · ✓ Fixed in 0.10.38 · 2024-08-22
vulnerable: 0.10.0 ... 0.9.9 (365 versions)
An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.
- CVE-2025-1752 · HIGH · CVSS 7.5 · EG 7.5 · ✓ Fixed in 0.12.21 · 2025-05-10
vulnerable: 0.12.15 ... 0.12.20 (6 versions)
A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version ~ latest(v0.12.15). The vulnerability arises due to inappropriate secure coding measure…
- CVE-2025-1793 · CRITICAL · CVSS 9.8 · EG 9.8 · ✓ Fixed in 0.12.28 · 2025-06-05
vulnerable: 0.10.0 ... 0.9.9 (449 versions)
Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data o…
- CVE-2025-6211 · MEDIUM · CVSS 6.5 · EG 6.5 · ✓ Fixed in 0.12.41 · 2025-07-10
vulnerable: 0.10.0 ... 0.9.9 (462 versions)
A vulnerability in the DocugamiReader class of the run-llama/llama_index repository, up to version 0.12.28, involves the use of MD5 hashing to generate IDs for document chunks. This approach leads to hash collisions when structurally disti…
- CVE-2025-7707 · HIGH · CVSS 7.8 · EG 7.8 · ✓ Fixed in 0.13.0 · 2025-10-13
vulnerable: 0.10.0 ... 0.9.9 (474 versions)
The llama_index library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt N…