AI Threat Alert
LlamaIndex Core Vulnerabilities
pip LLM Frameworks 39
Risk Score
7
Total CVEs
0
Critical
pip
Ecosystem
Feb 2, 2026
Last CVE
100%
Patch Rate
50d
Avg Time to Patch
49,455 stars
7,419 forks
384 issues
1,087 dependents
Last push May 15, 2026
View on GitHub
Known Vulnerabilities (7 total, page 1 of 1)
Severity CVE ID Summary CVSS Published
MEDIUM CVE-2025-3108 llama-index: RCE via unsafe pickle deserialization 5.0 Jul 7, 2025 MEDIUM CVE-2025-5472 llama-index: JSONReader DoS via recursive JSON parsing 6.5 Jul 7, 2025 HIGH CVE-2025-6209 llama_index: path traversal allows arbitrary file read 7.5 Jul 7, 2025 HIGH CVE-2025-5302 llama-index: JSON parsing DoS via deep recursion 8.6 Aug 26, 2025 HIGH CVE-2025-7647 llama-index-core: insecure /tmp dir, model theft risk 7.3 Sep 27, 2025 MEDIUM CVE-2025-6208 llama-index-core: DoS causes service disruption 5.3 Feb 2, 2026 HIGH CVE-2024-12704 llama-index: DoS via infinite loop in LangChain LLM 7.5 Mar 20, 2025 Monitor LlamaIndex Core in your stack
Get instant alerts when new vulnerabilities affect LlamaIndex Core. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring