Platform
python
Component
llama-index
Fixed in
0.12.28
CVE-2025-1793 describes a critical SQL Injection vulnerability affecting multiple vector store integrations within the run-llama/llama_index library, specifically versions up to 0.9.9. This flaw allows attackers to inject malicious SQL code, potentially leading to unauthorized data access and manipulation. A fix is available in version 0.12.28, and users are strongly advised to upgrade immediately.
The SQL Injection vulnerability in llama-index poses a significant risk to applications utilizing the library. An attacker could exploit this flaw to read sensitive data, including user credentials, personal information, and application configuration details. Furthermore, the attacker might be able to modify data, potentially corrupting the application's database or injecting malicious content. The blast radius extends to any application leveraging llama-index in a web environment, particularly those handling user-supplied data that is subsequently used in SQL queries. This vulnerability shares characteristics with other SQL injection attacks, where improper input sanitization allows attackers to bypass security controls and directly interact with the underlying database.
CVE-2025-1793 was publicly disclosed on 2025-06-05. The vulnerability's CRITICAL CVSS score (9.8) indicates a high probability of exploitation. While no public proof-of-concept (PoC) has been released at the time of writing, the ease of SQL injection exploitation suggests that a PoC is likely to emerge. It is not currently listed on CISA KEV, but its severity warrants close monitoring. Active campaigns targeting this vulnerability are not yet confirmed, but the widespread use of llama-index increases the potential attack surface.
Applications built using the llama-index library, particularly those deployed in web environments and handling user-provided data, are at significant risk. Shared hosting environments where multiple applications share a database are especially vulnerable, as a successful attack could compromise data across multiple tenants. Legacy applications using older versions of llama-index are also at increased risk.
• python / llama-index: Inspect code for usage of vector store integrations without proper input sanitization. Look for raw SQL queries constructed from user-supplied data, for example:

```python
import llama_index

# Vulnerable code example (do not use): user_input is spliced directly into the
# SQL text, so a value containing a quote alters the statement instead of being
# treated as data. `index` and `user_input` are assumed to be defined by the
# surrounding application.
query = f"SELECT * FROM users WHERE username = '{user_input}'"
response = index.query(query)
```

• python / llama-index: Monitor application logs for SQL errors or unusual database activity. Implement logging to capture all SQL queries executed by the application.
• generic web: Use a web application firewall (WAF) to detect and block SQL injection attempts targeting llama-index endpoints.
Exploit Status
EPSS: 0.02% (5th percentile)
The primary mitigation for CVE-2025-1793 is to upgrade to llama-index version 0.12.28 or later. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider implementing input validation and sanitization techniques to prevent SQL injection attacks. Specifically, use parameterized queries or prepared statements to ensure that user-supplied data is treated as data and not as executable code. Web application firewalls (WAFs) configured to detect and block SQL injection attempts can provide an additional layer of defense. After upgrading, confirm the fix by attempting to inject SQL code into the affected vector store integrations and verifying that the queries are properly sanitized.
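The following is an added illustration, not code from the advisory or from llama-index, of the difference between the string-built query pattern shown above and a parameterized query. It uses a constructed in-memory SQLite table; the names `build_db`, `lookup_user_unsafe` and `lookup_user_safe` are assumptions for this example.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    # Constructed sample user store standing in for an application's database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("o'hara", "ohara@example.com")],
    )
    return conn


def lookup_user_unsafe(conn: sqlite3.Connection, user_input: str) -> list:
    # Same shape as the vulnerable snippet: the input becomes part of the SQL text,
    # so a quote inside it changes the statement (a tautology returns every row,
    # a plain apostrophe in a real name raises a syntax error).
    query = f"SELECT username, email FROM users WHERE username = '{user_input}'"
    return conn.execute(query).fetchall()


def lookup_user_safe(conn: sqlite3.Connection, user_input: str) -> list:
    # Parameterized query: the value travels separately from the statement, so it
    # can only ever be compared as data, whatever characters it contains.
    query = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(query, (user_input,)).fetchall()


if __name__ == "__main__":
    db = build_db()
    probe = "x' OR '1'='1"  # constructed check input containing a quote
    print("unsafe:", lookup_user_unsafe(db, probe))   # returns both rows
    print("safe:  ", lookup_user_safe(db, probe))     # returns []
    print("safe:  ", lookup_user_safe(db, "o'hara"))  # apostrophe handled correctly
```

The same check, run against the upgraded vector store integration with an input containing a quote, is one way to carry out the post-upgrade verification described above.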
Update the LlamaIndex library to version 0.12.28 or later. This fixes the SQL injection vulnerabilities present in the vector store integrations. The update can be performed with the pip package manager: `pip install llama-index --upgrade`.
CVE-2025-1793 is a critical SQL Injection vulnerability in llama-index versions up to 0.9.9, allowing attackers to potentially read and write data via SQL queries.
You are affected if your application uses llama-index version 0.9.9 or earlier. Check your dependencies and upgrade immediately.
Upgrade to llama-index version 0.12.28 or later. If immediate upgrade is not possible, implement input validation and parameterized queries.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of future attacks.
Refer to the official llama-index security advisories and release notes on the run-llama GitHub repository for the latest information.