repository icon
run-llama / llama_index Project repository

LlamaIndex is a data framework for your LLM applications

Submit a report

FIRST INTERACTION

WITHIN5 DAYS

REVIEW

WITHIN5 DAYS

FIX

WITHINN/A DAYS

SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
SQL++/N1QL Injection in CouchbaseQueryVectorStore.query() metadata filters (llam...
wernerina
self closed
Server-Side Request Forgery (SSRF) via ImageNode.resolve_image() and ImageDocume...
galanzi2580-wq
self closed
PickleSerializer in Workflow Context Enables Arbitrary Code Execution via pickle...
galanzi2580-wq
self closed
Arbitrary local file read via SimpleDirectoryReader.load_resource() path travers...
galanzi2580-wq
self closed
Unsafe pickle deserialization via torch.load() in llama-index-embeddings-adapt...
k4lif1
self closed
llama-index-evaporate: exec() sandbox escape via operator.attrgetter RCE
ssjcorpsec
self closed
llama-index-evaporate: exec() sandbox escape via operator.attrgetter RCE
ssjcorpsec
self closed
llama-index-evaporate: exec() sandbox escape via operator.attrgetter RCE
ssjcorpsec
self closed
SSRF via resolve_image — requests.get on user-controlled image_url in llama_inde...
muraveyapp
duplicate
None
SSRF via resolve_image — requests.get on user-controlled image_url in llama_inde...
muraveyapp
duplicate
None
SSRF via resolve_image — requests.get on user-controlled image_url in llama_inde...
muraveyapp
duplicate
None
Critical SSRF to Cloud Metadata Exfiltration via Unvalidated URL Fetching in Web...
iffi-crux
duplicate
Critical
CVE-2025-1793: Incomplete Scope — Five Additional Vector Store Integrations with...
rui-wang-8
duplicate
Critical
Critical RCE via Chained Arbitrary File Write and Insecure Deserialization in Tx...
uchalm
duplicate
Critical
Unsafe pickle deserialization in TxtaiVectorStore.from_persist_path fallback con...
am-statementforge
duplicate
High
SQL Injection in llama-index-vector-stores-db2
pwilkin
duplicate
High
Stack-overflow DoS via 4 unguarded recursive walkers in llama-index-core
linziyuu
informative
High
Sandbox escape via operator.attrgetter in llama-index-program-evaporate
nisartest20-bit
informative
Critical
Arbitrary code execution via unsafe pickle.load in txtai and bge-m3 integrations
bersechub
self closed
Sandbox escape to arbitrary code execution via operator.attrgetter in EvaporateE...
bersechub
self closed
SSRF in ChatGPTPluginToolSpec and OpenAPIToolSpec via Unvalidated URLs
jd-admrl-ai
self closed
SQL Injection in PostgresChatStore via Unsanitized schema_name Parameter
jd-admrl-ai
self closed
SSRF via resolve_binary() and ImageDocument/ImageNode.image_url allows cloud met...
elibell004
duplicate
High
SQL injection via f-string interpolation in DB2 vector store delete(), query(),...
snakeyworm
duplicate
None
Sandbox escape in Evaporate extractor via operator.attrgetter bypassing AST dund...
snakeyworm
duplicate
Critical
NoSQL injection via f-string interpolation in Azure Cosmos DB NoSQL vector store...
snakeyworm
duplicate
Critical
Complete Sandbox Escape in EvaporateExtractor via operator.attrgetter Dunder Byp...
skillwager
duplicate
Critical
LLM-Generated SQL Executed Without Sanitization in NLSQLRetriever (Text-to-SQL)
gauravbhatia1211
duplicate
High
Sandbox Escape via operator.attrgetter in Evaporate Extractor — Arbitrary Code E...
sam8k
duplicate
Critical
Sandbox Escape in EvaporateExtractor via operator.attrgetter Bypassing AST Dunde...
py4y6
duplicate
Critical
SQL/NoSQL Injection in multiple vector store integrations via unsanitized ref_do...
py4y6
duplicate
High
SQL Injection in llama-index-vector-stores-db2 DB2LlamaVS.delete() — same f-stri...
sovnodeai
duplicate
Critical
Systemic SSRF in llama-index-core: unvalidated `requests.get()` on user-controll...
lolbotym
duplicate
High