CVE-2025-1753 | run-llama llama_index up to 0.4.0 CLI os.system files os command injection

Inserito da Angelo Barbosa | Mag 28, 2025 | CVE

A vulnerability was found in run-llama llama_index up to 0.4.0. It has been declared as critical. Affected by this vulnerability is the function os.system in the library os.system of the component CLI. The manipulation of the argument files leads to os command injection.

This vulnerability is known as CVE-2025-1753. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1753 | run-llama llama_index up to 0.4.0 CLI os.system files os command injection

Post correlati

CVE-2024-23487 | Intel Server D50DNP improper authentication (intel-sa-01080)

CVE-2024-7138 | Silabs RS9116 Bluetooth SDK up to 2.10.4 L2CAP Packet assertion

CVE-2024-6221 | corydolphin flask-cors up to 4.0.1 Configuration Options access control

CVE-2024-9491 | Silabs Configuration Wizard 2 up to 4.50 uncontrolled search path