AI Threat Alert AI Threat Alert

LlamaIndex

pip LLM Frameworks
6
Total CVEs
1
Critical
pip
Ecosystem
Jan 12, 2026
Last CVE

Known Vulnerabilities (6 shown)

Severity CVE ID Summary CVSS Published
HIGH CVE-2024-58339 llamaindex: Resource Exhaustion enables DoS 7.5 Jan 12, 2026 HIGH CVE-2024-14021 llamaindex: Deserialization enables RCE 7.8 Jan 12, 2026 HIGH CVE-2024-12911 llama-index: SQLi+DoS via prompt injection in query engine 7.1 Mar 20, 2025 HIGH CVE-2024-12704 llama-index: DoS via infinite loop in LangChain LLM 7.5 Mar 20, 2025 UNKNOWN CVE-2024-4181 llama_index: RCE via eval() in RunGptLLM connector -- May 16, 2024 CRITICAL CVE-2024-23751 LlamaIndex: SQL injection in Text-to-SQL feature 9.8 Jan 22, 2024

Monitor LlamaIndex in your stack

Get instant alerts when new vulnerabilities affect LlamaIndex. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring