Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

CVE-2025-1793

CRITICAL

Published 2025-06-05T04:54:47.071Z

Actions:

CVSS Score

V3.0

9.8

/10

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Description

Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the llama-index library in a web application.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

run-llama

run-llama/llama_index

Affected Versions:

unspecified

References

https://huntr.com/bounties/8cb1555a-9655-4122-b0d6-60059e79183c

https://github.com/run-llama/llama_index/commit/0008041e8dde8e519621388e5d6f558bde6ef42e

Published: 2025-06-05T04:54:47.071Z

Last Modified: 2025-06-05T04:54:47.071Z

Copied to clipboard!