CVE-2025-6211

Name of the Vulnerable Software and Affected Versions: llama index versions up to 0.12.28 Description: A vulnerability exists in the DocugamiReader class of the llama index repository. The use of MD5 hashing to generate IDs for document chunks can lead to hash collisions when structurally distinct chunks contain identical text. This can result in the overwriting of document chunks, loss of content, breakage of chunk hierarchies, and inaccurate AI outputs. Recommendations: Update to version 0.3.1 or later.