CVE-2025-1753 | run-llama llama_index up to 0.4.0 CLI os.system files os command injection

Inserito da Angelo Barbosa | Mag 28, 2025 | CVE

A vulnerability was found in run-llama llama_index up to 0.4.0. It has been declared as critical. Affected by this vulnerability is the function os.system in the library os.system of the component CLI. The manipulation of the argument files leads to os command injection.

This vulnerability is known as CVE-2025-1753. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1753 | run-llama llama_index up to 0.4.0 CLI os.system files os command injection

Post correlati

CVE-2024-12117 | Stackable Plugin up to 3.13.11 on WordPress Gutenberg Block cross site scripting

CVE-2025-21492 | Oracle MySQL Server up to 8.0.36/8.4.0 Optimizer improper authorization

CVE-2024-38758 | WappPress Plugin up to 6.0.4 on WordPress server-side request forgery

CVE-2024-45107 | Adobe Acrobat Reader prior 20.005.30655/24.001.30159/24.002.21005 use after free (apsb24-57)