
Llamaindex EUVD-2025-16964

CVE-2025-1793 CRITICAL
SQL Injection (CWE-89)
2025-06-05 · security@huntr.dev · GHSA-v3c8-3pr6-gr7p
CVSS 3.0 (NVD): 9.8

Severity by source

NVD (primary): 9.8 CRITICAL, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Red Hat: 9.1 HIGH (qualitative)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 14, 2026 - 17:53 (euvd). EUVD-2025-16964
Analysis Generated: Mar 14, 2026 - 17:53 (vuln.today)
Patch released: Mar 14, 2026 - 17:53 (nvd). Patch available
PoC Detected: Jul 30, 2025 - 21:29 (vuln.today). Public exploit code
CVE Published: Jun 05, 2025 - 05:15 (nvd). CRITICAL 9.8

Description (CVE.org)

Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the llama-index library in a web application.

Analysis (AI)

Critical SQL injection vulnerability affecting run-llama/llama_index v0.12.21 and potentially other versions, present in multiple vector store integrations. Attackers can execute arbitrary SQL commands without authentication to read and write data, potentially compromising data belonging to other users in web applications leveraging this library. With a CVSS 9.8 severity score, network-accessible attack vector, and no authentication required, this vulnerability poses an immediate and severe risk to production deployments.

Technical Context (AI)

Llama_index is a Python library for building LLM applications with vector store integrations for semantic search and data management. The vulnerability exists in SQL-based vector store adapters (likely PostgreSQL, MySQL, SQLite, or similar database backends) where user-supplied input is improperly sanitized before being concatenated into SQL queries. This is a classic CWE-89 (SQL Injection) vulnerability where dynamic SQL construction fails to use parameterized queries or prepared statements. The library's vector store integration layer accepts inputs (potentially from LLM prompts, user queries, or API parameters) that are passed directly to database drivers without proper escaping or parameterization, allowing attackers to inject malicious SQL syntax. Affected CPE likely includes: cpe:2.3:a:run-llama:llama_index:0.12.21:*:*:*:*:python:*:*
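To make the mitigation concrete, the following added example (not llama_index's own code, and not the vulnerable code behind this CVE) contrasts a metadata filter spliced into the SQL text with the same filter bound as a driver parameter; the table shape, node ids and owner values are constructed sample data, and `sqlite3` stands in for whichever SQL backend an adapter uses:

```python
# Added illustration of the CWE-89 pattern described above: a toy SQL-backed
# vector store whose owner filter is built two ways. Table, node ids and
# metadata values are constructed sample data, not llama_index code.
import sqlite3
from typing import Callable, List


def build_store() -> sqlite3.Connection:
    """Create an in-memory table shaped like a minimal vector-store node table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE nodes (node_id TEXT, owner TEXT, text TEXT, embedding BLOB)"
    )
    conn.executemany(
        "INSERT INTO nodes VALUES (?, ?, ?, ?)",
        [
            ("n1", "alice", "alice's private note", b"\x00" * 8),
            ("n2", "bob", "bob's private note", b"\x00" * 8),
            ("n3", "alice", "alice's second note", b"\x00" * 8),
        ],
    )
    return conn


def query_by_owner_unsafe(conn: sqlite3.Connection, owner: str) -> List[str]:
    """WEAK: the filter value is concatenated into the SQL text (CWE-89)."""
    sql = f"SELECT node_id FROM nodes WHERE owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]


def query_by_owner_safe(conn: sqlite3.Connection, owner: str) -> List[str]:
    """Hardened: the driver binds the value, so it can never alter the query shape."""
    sql = "SELECT node_id FROM nodes WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (owner,))]


def filter_is_enforced(query_fn: Callable, conn: sqlite3.Connection) -> bool:
    """Regression check: a quote-bearing filter value must match no owner at all."""
    crafted = "x' OR '1'='1"  # constructed test input; data when bound, syntax when spliced
    return query_fn(conn, crafted) == []


if __name__ == "__main__":
    conn = build_store()
    print(query_by_owner_safe(conn, "alice"))               # ['n1', 'n3']
    print(filter_is_enforced(query_by_owner_unsafe, conn))  # False: filter bypassed
    print(filter_is_enforced(query_by_owner_safe, conn))    # True
```

The `filter_is_enforced` check is the kind of unit test worth keeping in an adapter's suite: it fails on any code path that goes back to building the WHERE clause from strings.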

Vendor Status (Vendor)


EUVD-2025-16964 vulnerability details – vuln.today
