CVE-2025-3046

Path Traversal via Symbolic Links in run-llama/llama_index

CVSS 7.5 HIGHEPSS 0.6%CWE-22

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.5EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

07 Jul 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability in the `ObsidianReader` class of the run-llama/llama_index repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The `ObsidianReader` fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the intended directory. This flaw enables attackers to place symlinks pointing to files outside the vault directory, which are then processed as valid Markdown files, potentially exposing sensitive information.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

run-llama · run-llama/llama_index

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/run-llama/llama_index/commit/0008041e8dde8e519621388e5d6f558bde6ef42e https://huntr.com/bounties/90a1f1b2-bb82-4d66-9fc1-856ed5f904da