CVE-2025-1793

EUVD-2025-16964 | CRITICAL 9.8 (CVSS 3.0)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 17:53 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 17:53 (euvd), EUVD-2025-16964
Patch Released: Mar 14, 2026 - 17:53 (nvd), patch available
PoC Detected: Jul 30, 2025 - 21:29 (vuln.today), public exploit code
CVE Published: Jun 05, 2025 - 05:15 (nvd)

Description

Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the llama-index library in a web application.

Analysis

A critical SQL injection vulnerability affects run-llama/llama_index v0.12.21, and potentially other versions, in multiple vector store integrations. Attackers can execute arbitrary SQL commands without authentication to read and write data, potentially compromising data belonging to other users in web applications that build on this library. With a CVSS 9.8 severity score, a network-accessible attack vector, and no authentication required, this vulnerability poses an immediate and severe risk to production deployments.

Technical Context

llama_index is a Python library for building LLM applications with vector store integrations for semantic search and data management. The vulnerability exists in SQL-based vector store adapters (likely PostgreSQL, MySQL, SQLite, or similar database backends) where user-supplied input is improperly sanitized before being concatenated into SQL queries. This is a classic CWE-89 (SQL Injection) vulnerability where dynamic SQL construction fails to use parameterized queries or prepared statements. The library's vector store integration layer accepts inputs (potentially from LLM prompts, user queries, or API parameters) that are passed directly to database drivers without proper escaping or parameterization, allowing attackers to inject malicious SQL syntax.

Affected CPE likely includes: cpe:2.3:a:run-llama:llama_index:0.12.21:*:*:*:*:python:*:*
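The following is an added example, not code from llama_index or from this advisory, illustrating the CWE-89 pattern the paragraph describes and its fix. The page does not identify the affected code paths, so the table name, column names, tenant values and the use of SQLite are all assumptions made for illustration: a metadata filter value is spliced into the SQL text in the vulnerable variant and bound as a parameter in the hardened one, and the collection (table) name, which cannot be bound as a parameter, is checked against an allow-list instead of being interpolated freely.

```python
import sqlite3
from typing import List, Tuple

# Constructed sample data: a tiny metadata-filtered vector store table.
# Each row belongs to a tenant; a query must only ever return the caller's rows.
SAMPLE_ROWS = [
    ("doc-1", "tenant-a", "quarterly forecast"),
    ("doc-2", "tenant-a", "hiring plan"),
    ("doc-3", "tenant-b", "acquisition memo"),
]

# Allow-list of collection (table) names. SQL identifiers cannot be bound as
# parameters, so a name taken from configuration must be validated against a
# fixed set rather than interpolated as-is. (Hypothetical table name.)
ALLOWED_TABLES = {"data_embeddings"}


def make_store() -> sqlite3.Connection:
    """Create an in-memory SQLite store populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE data_embeddings (node_id TEXT, tenant TEXT, text TEXT)"
    )
    conn.executemany("INSERT INTO data_embeddings VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def query_vulnerable(conn: sqlite3.Connection, tenant: str) -> List[Tuple[str, str]]:
    """The pattern the advisory describes (CWE-89): the filter value is spliced
    into the SQL text, so a value containing a quote character rewrites the
    WHERE clause and the tenant boundary disappears."""
    sql = f"SELECT node_id, text FROM data_embeddings WHERE tenant = '{tenant}'"
    return conn.execute(sql).fetchall()


def query_hardened(
    conn: sqlite3.Connection, tenant: str, table: str = "data_embeddings"
) -> List[Tuple[str, str]]:
    """Hardened form: the value travels to the driver as a bound parameter, and
    the identifier is checked against the allow-list before interpolation."""
    if table not in ALLOWED_TABLES:
        raise ValueError(f"unknown collection: {table!r}")
    sql = f"SELECT node_id, text FROM {table} WHERE tenant = ?"
    return conn.execute(sql, (tenant,)).fetchall()


def demo() -> Tuple[int, int]:
    """Run both variants with a filter value that carries a quote character.
    Returns (row count from the vulnerable query, row count from the hardened one)."""
    conn = make_store()
    # Constructed filter value: a plausible tenant id followed by a quote and
    # an always-true predicate. The vulnerable query returns every tenant's
    # rows; the hardened query treats the whole string as data and matches none.
    crafted = "tenant-a' OR 'x'='x"
    vuln_rows = query_vulnerable(conn, crafted)
    safe_rows = query_hardened(conn, crafted)
    return len(vuln_rows), len(safe_rows)


if __name__ == "__main__":
    v, s = demo()
    print(f"vulnerable query returned {v} rows (all tenants), hardened returned {s}")
```

The same principle applies to any DB-API driver (psycopg, mysqlclient, asyncpg): values go through the driver's parameter binding, and the only things interpolated into the statement text are identifiers that have been validated against a known set.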

Affected Products

run-llama/llama_index (0.12.21)

Priority Score

69
KEV: 0
EPSS: +0.0
CVSS: +49
POC: +20

Vendor Status


CVE-2025-1793 vulnerability details – vuln.today
