CVE-2025-6209

A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0.12.40, specifically within the encode_image function in generic_utils.py. This vulnerability allows an attacker to manipulate the image_path input to read arbitrary files on the server, including sensitive system files. The issue arises due to improper validation or sanitization of the file path, enabling path traversal sequences to access files outside the intended directory. The vulnerability is fixed in version 0.12.41.

Published: Jul 7, 2025
Updated: Aug 11, 2025
CVE: CVE-2025-6209
GHSA: GHSA-2rhq-96q8-4vjq
Severity: High
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-29

Affected Software
References

Software	From	Fixed in
llama-index-core	0.11.23	0.12.41
llamaindex / llamaindex	0.12.27	0.12.41

https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2025-65.yaml
https://github.com/run-llama/llama_index/commit/cdeaab91a204d1c3527f177dac37390327aef274
https://huntr.com/bounties/e89d14f8-bfe8-4c9a-bb2a-656c01cc9a68

Vulnerability Database

CVE-2025-6209