CVE-2025-1753

Name of the Vulnerable Software and Affected Versions LLama-Index CLI version v0.12.20

Description The LLama-Index CLI contains an OS command injection issue due to the improper handling of the --files argument, which is directly passed into os.system. This allows an attacker who controls the content of this argument to inject and execute arbitrary shell commands. The issue can be exploited locally if the attacker has control over the CLI arguments, and remotely if a web application calls the LLama-Index CLI with a user-controlled filename, potentially leading to arbitrary code execution on the affected system.

Recommendations For version v0.12.20, consider disabling the --files argument until a patch is available to prevent the injection of arbitrary shell commands. Restrict access to the LLama-Index CLI to minimize the risk of exploitation, especially in scenarios where user-controlled input may be passed to the CLI.