Run-llama Security Update Advisory (CVE-2025-1793)
Overview
We have released a security update that addresses a vulnerability in run-llama. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-1793
Run-llama/llama_index Version: earlier than 0.12.28
Resolved Vulnerabilities
SQL Injection Vulnerability in Vector Store Integration in run-llama/llama_index (CVE-2025-1793)
Vulnerability Patches
Patches for the vulnerability are available in the latest update. Follow the instructions on the referenced sites to update to the latest patched version.
CVE-2025-1793
Run-llama/llama_index Version: 0.12.28
References
[1] SQL injection vulnerabilities in multiple vector stores in run-llama/llama_index
https://huntr.com/bounties/8cb1555a-9655-4122-b0d6-60059e79183c
[2] CVE-2025-1793
https://www.cve.org/CVERecord?id=CVE-2025-1793