llama-index-core
PyPI: 8 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting llama-index-core
- CVE-2024-12704 | HIGH | CVSS 7.5 | EG 7.5 | Fixed in 0.12.6 | 2025-03-20
  vulnerable: 0.10.0 ... 0.9.56 (163 versions)
  A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the ge…
- CVE-2024-3098 | CRITICAL | CVSS 9.8 | EG 9.8 | Fixed in 0.10.24 | 2024-04-10
  vulnerable: 0.10.0 ... 0.9.56 (66 versions)
  A vulnerability was identified in the `exec_utils` class of the `llama_index` package, specifically within the `safe_eval` function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient v…
- CVE-2024-3271 | CRITICAL | CVSS 9.8 | EG 9.8 | Fixed in 0.10.24 | 2024-04-16
  vulnerable: 0.10.0 ... 0.9.56 (66 versions)
  A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code genera…
- CVE-2024-45201 | HIGH | CVSS 8.8 | EG 8.8 | Fixed in 0.10.38 | 2024-08-22
  vulnerable: 0.10.0 ... 0.9.56 (87 versions)
  An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for `import {cls_name}`.
- CVE-2025-5302 | HIGH | CVSS 8.6 | EG 8.6 | Fixed in 0.12.38 | 2025-08-25
  vulnerable: 0.10.0 ... 0.9.56 (210 versions)
  A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, wh…
- CVE-2025-5472 | MEDIUM | CVSS 6.5 | EG 6.5 | Fixed in 0.12.38 | 2025-07-07
  vulnerable: 0.10.0 ... 0.9.56 (210 versions)
  The JSONReader in run-llama/llama_index versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service (DoS) by submitting deeply nested JSO…
- CVE-2025-6208 | MEDIUM | CVSS 5.3 | EG 5.3 | Fixed in 0.12.41 | 2026-02-02
  vulnerable: 0.10.0 ... 0.9.56 (213 versions)
  The `SimpleDirectoryReader` component in `llama_index.core` version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit (`num_files_limit`) …
- CVE-2025-7647 | HIGH | CVSS 7.3 | EG 7.3 | Fixed in 0.13.0 | 2025-09-27
  vulnerable: 0.10.0 ... 0.9.56 (226 versions)
  The llama-index-core package, up to version 0.12.44, contains a vulnerability in the `get_cache_dir()` function where a predictable, hardcoded directory path `/tmp/llama_index` is used on Linux systems without proper security controls. Thi…