| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6208 | Uncontrolled Memory Consumption in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2026-02-02 10:36:23 | Deep Dive |
| CVE-2024-14021 | LlamaIndex <= 0.11.6 BGEM3Index Unsafe Deserialization | run-llama | llama_index | - | - | 2026-01-12 23:04:43 | Deep Dive |
| CVE-2024-58339 | LlamaIndex <= 0.12.2 VannaQueryEngine SQL Execution Allows Resource Exhaustion | run-llama | llama_index | - | - | 2026-01-12 23:04:25 | Deep Dive |
| CVE-2025-7707 | World-Writable NLTK Cache Directory Vulnerability in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-10-13 16:15:08 | Deep Dive |
| CVE-2025-7647 | Insecure Temporary File Handling in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-09-27 16:34:37 | Deep Dive |
| CVE-2025-5302 | Denial of Service (DOS) in JSONReader in run-llama/llama_index | run-llama | run-llama/llama_index | 高危 | - | 2025-08-25 15:03:18 | Deep Dive |
| CVE-2025-6211 | MD5 Hash Collision in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-10 13:04:34 | Deep Dive |
| CVE-2025-6209 | Arbitrary File Read through Path Traversal in run-llama/llama_index | run-llama | run-llama/llama_index | 高危 | - | 2025-07-07 12:21:11 | Deep Dive |
| CVE-2025-5472 | Denial of Service via Uncontrolled Recursive JSON Parsing in JSONReader in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-07 09:55:57 | Deep Dive |
| CVE-2025-6210 | Hardlink-Based Path Traversal in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-07 09:55:47 | Deep Dive |
| CVE-2025-3046 | Path Traversal via Symbolic Links in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-07 09:54:50 | Deep Dive |
| CVE-2025-3044 | MD5 Hash Collision in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-07 09:54:23 | Deep Dive |
| CVE-2025-3225 | XML Entity Expansion vulnerability in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-07 09:54:06 | Deep Dive |
| CVE-2025-3108 | Unsafe Deserialization in JsonPickleSerializer Enables Remote Code Execution in run-llama/llama_index | run-llama | run-llama/llama_index | 中危 | - | 2025-07-06 22:47:26 | Deep Dive |
| CVE-2025-1793 | SQL Injection in run-llama/llama_index | run-llama | run-llama/llama_index | - | - | 2025-06-05 04:54:47 | Deep Dive |
| CVE-2025-1750 | SQL Injection in run-llama/llama_index | run-llama | run-llama/llama_index | - | - | 2025-06-02 10:04:51 | Deep Dive |
| CVE-2025-1753 | Command Injection in LLama-Index CLI in run-llama/llama_index | run-llama | run-llama/llama_index | - | - | 2025-05-28 09:34:11 | Deep Dive |
| CVE-2025-1752 | Denial of Service in run-llama/llama_index | run-llama | run-llama/llama_index | - | - | 2025-05-10 13:21:31 | Deep Dive |
| CVE-2024-11958 | SQL Injection in run-llama/llama_index | run-llama | run-llama/llama_index | 超危 | - | 2025-03-20 10:10:46 | Deep Dive |
| CVE-2024-12911 | SQL Injection in run-llama/llama_index | run-llama | run-llama/llama_index | 高危 | - | 2025-03-20 10:09:45 | Deep Dive |