repository icon
run-llama / llama_index Project repository

LlamaIndex is a data framework for your LLM applications

Submit a report

FIRST INTERACTION

WITHIN2 DAYS

REVIEW

WITHIN2 DAYS

FIX

WITHINN/A DAYS

test
ripp3rdoc
self closed
Test SSRF
ripp3rdoc
self closed
Disabled TLS Verification in Minio boto3 Reader Enables MITM Credential and Cont...
hombecl
self closed
Disabled TLS Verification in Minio boto3 Reader Enables MITM Credential and Cont...
hombecl
self closed
SQL injection via unsanitized metadata filter key and value in YugabyteDBVectorS...
jarrodcbee
self closed
test
yeon-uu
self closed
SQL Injection via unsanitized `schema_name` in `llama-index-storage-chat-store-y...
shogo-3345
duplicate
Critical
SQL Injection in DB2 and Azure Cosmos NoSQL Vector Stores (Incomplete CVE-2025-1...
parallaxfx-343
duplicate
Critical
SQL Injection in multiple vector stores and tools via f-string query constructio...
kuranikaran
duplicate
Critical
Denial of Service via uncontrolled recursion in JSONNodeParser, Document360 read...
kuranikaran
duplicate
High
Arbitrary Code Execution via unsafe pickle and torch.load deserialization in mul...
kuranikaran
duplicate
Critical
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
Incomplete remediation of GHSA-v3c8-3pr6-gr7p leads to SQL injection in SQLAlche...
av7danger
duplicate
Medium
Server-Side Request Forgery (SSRF) via ImageNode.resolve_image() and ImageDocume...
galanzi2580-wq
self closed
PickleSerializer in Workflow Context Enables Arbitrary Code Execution via pickle...
galanzi2580-wq
self closed
Arbitrary local file read via SimpleDirectoryReader.load_resource() path travers...
galanzi2580-wq
self closed
Unsafe pickle.load() in BGEM3Index and TxtaiVectorStore allows arbitrary code ex...
darklordvirtual
duplicate
High
Unsafe pickle deserialization via torch.load() in llama-index-embeddings-adapt...
k4lif1
self closed
llama-index-evaporate: exec() sandbox escape via operator.attrgetter RCE
ssjcorpsec
self closed
llama-index-evaporate: exec() sandbox escape via operator.attrgetter RCE
ssjcorpsec
self closed
llama-index-evaporate: exec() sandbox escape via operator.attrgetter RCE
ssjcorpsec
self closed
SSRF via resolve_image — requests.get on user-controlled image_url in llama_inde...
muraveyapp
duplicate
None
SSRF via resolve_image — requests.get on user-controlled image_url in llama_inde...
muraveyapp
duplicate
None
SSRF via resolve_image — requests.get on user-controlled image_url in llama_inde...
muraveyapp
duplicate
None
Critical SSRF to Cloud Metadata Exfiltration via Unvalidated URL Fetching in Web...
iffi-crux
duplicate
Critical
CVE-2025-1793: Incomplete Scope — Five Additional Vector Store Integrations with...
rui-wang-8
duplicate
Critical
Critical RCE via Chained Arbitrary File Write and Insecure Deserialization in Tx...
uchalm
duplicate
Critical
Unsafe pickle deserialization in TxtaiVectorStore.from_persist_path fallback con...
am-statementforge
duplicate
High
SQL Injection in llama-index-vector-stores-db2
pwilkin
duplicate
High
huntr: run-llama/llama_index