Platform: python
Component: llama-index-readers-obsidian
Fixed in: 0.12.28, 0.5.1
CVE-2025-3046 is a Path Traversal vulnerability discovered in the llama-index-readers-obsidian component, specifically within the ObsidianReader class. This flaw allows attackers to read files outside the intended vault directory by exploiting improper symlink resolution. Versions of llama-index-readers-obsidian prior to 0.5.1 (specifically, versions 0.12.23 to 0.12.28) are affected. A fix has been released in version 0.5.1.
The vulnerability lies in the ObsidianReader's failure to properly resolve symbolic links. An attacker can craft a malicious symlink pointing to a sensitive file outside the Obsidian vault directory. When the ObsidianReader processes this symlink as a Markdown file, it inadvertently reads the linked file, potentially exposing confidential information such as configuration files, database credentials, or other sensitive documents. The blast radius extends to any data accessible through the file system that an attacker can link to. This vulnerability is particularly concerning as it bypasses intended directory restrictions, allowing for unauthorized data access.
This vulnerability was publicly disclosed on 2025-07-07. There is currently no indication of active exploitation campaigns targeting this specific vulnerability. No public proof-of-concept (PoC) code has been released at the time of writing. The vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status:
EPSS: 0.14% (34th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation is to upgrade llama-index-readers-obsidian to version 0.5.1 or later, which includes the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing a temporary workaround by restricting file access permissions within the Obsidian vault directory. Specifically, ensure that the user account running the LlamaIndex application has minimal privileges and cannot access files outside the vault. Additionally, implement input validation to sanitize file paths and prevent the processing of symbolic links. After upgrading, confirm the fix by attempting to access a file outside the vault via a symbolic link; the operation should fail with an appropriate error.
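The path-validation step described above, as an added example that is not code from the advisory or from the LlamaIndex project: every candidate note is fully resolved (following any symlink) and accepted only if the resolved path still lies inside the resolved vault root, so a symlink that is lexically inside the vault but points at a file outside it is rejected. Function and path names are chosen for illustration; the demo vault is constructed sample data.

```python
import os
import tempfile
from pathlib import Path


def is_within_vault(path: Path, vault_root: Path) -> bool:
    """Return True only if the fully resolved path lies inside the resolved vault root.

    Both sides are resolved, so a symlink whose target is outside the vault fails
    the check even though its own location is lexically inside the vault.
    """
    try:
        resolved = path.resolve(strict=True)
        root = vault_root.resolve(strict=True)
    except (OSError, RuntimeError):
        # Dangling symlink or symlink loop: refuse rather than guess.
        return False
    try:
        resolved.relative_to(root)
    except ValueError:
        return False
    return True


def safe_markdown_files(vault_dir, follow_symlinks=False):
    """Enumerate .md files in a vault, rejecting anything that escapes it.

    Returns (accepted, rejected) lists of Paths. With follow_symlinks=False every
    symlinked note is rejected outright; with True, a symlink is accepted only if
    its target still resolves inside the vault.
    """
    vault_root = Path(vault_dir).resolve(strict=True)
    accepted, rejected = [], []
    for dirpath, dirnames, filenames in os.walk(vault_root, followlinks=False):
        # os.walk does not descend into symlinked directories with followlinks=False;
        # drop them from the listing as well so the policy is explicit.
        dirnames[:] = [d for d in dirnames if not (Path(dirpath) / d).is_symlink()]
        for name in filenames:
            candidate = Path(dirpath) / name
            if candidate.suffix.lower() != ".md":
                continue
            if candidate.is_symlink() and not follow_symlinks:
                rejected.append(candidate)
            elif is_within_vault(candidate, vault_root):
                accepted.append(candidate)
            else:
                rejected.append(candidate)
    return sorted(accepted), sorted(rejected)


def build_demo_vault():
    """Construct a throwaway vault (constructed sample data, not a real vault).

    Layout:
      <tmp>/secret.txt        - a file outside the vault
      <tmp>/vault/note.md     - an ordinary note
      <tmp>/vault/escape.md   - a symlink to ../secret.txt
    Returns (vault_path, secret_path).
    """
    base = Path(tempfile.mkdtemp(prefix="obsidian-demo-"))
    secret = base / "secret.txt"
    secret.write_text("constructed secret outside the vault\n")
    vault = base / "vault"
    vault.mkdir()
    (vault / "note.md").write_text("# Ordinary note\n")
    os.symlink(secret, vault / "escape.md")
    return vault, secret


if __name__ == "__main__":
    vault, secret = build_demo_vault()
    ok, bad = safe_markdown_files(vault)
    print("accepted:", [p.name for p in ok])      # ['note.md']
    print("rejected:", [p.name for p in bad])     # ['escape.md']
    # Even when symlinks are permitted, the escaping link is still refused.
    ok2, bad2 = safe_markdown_files(vault, follow_symlinks=True)
    print("rejected with follow_symlinks:", [p.name for p in bad2])  # ['escape.md']
```

The same resolved-path comparison doubles as the post-upgrade check the text suggests: run the enumeration over a vault containing a symlink to a file outside it and confirm the link lands in the rejected list rather than being read.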
Update the `llama_index` library to version 0.12.29 or later. This fixes the path traversal vulnerability via symbolic links in the `ObsidianReader` class. The update ensures that symbolic links are resolved correctly and validated to prevent access to files outside the intended directory.
CVE-2025-3046 is a Path Traversal vulnerability in the llama-index-readers-obsidian component, allowing attackers to read arbitrary files via symbolic links in versions prior to 0.5.1.
You are affected if you are using llama-index-readers-obsidian versions 0.12.23 to 0.5.0. Versions before 0.5.1 are vulnerable.
Upgrade llama-index-readers-obsidian to version 0.5.1 or later. As a temporary workaround, restrict file access permissions within the Obsidian vault directory.
There is currently no indication of active exploitation campaigns targeting this vulnerability.
Refer to the LlamaIndex repository for updates and advisories: [https://github.com/run-llama/llamaindex](https://github.com/run-llama/llamaindex)