PatchSiren

run-llama CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH run-llama CVE published 2026-01-12

CVE-2024-58339

CVE-2024-58339 is an uncontrolled resource consumption vulnerability in LlamaIndex (run-llama/llama_index) versions up to and including 0.12.2. The VannaPack VannaQueryEngine implementation allows an attacker to trigger expensive or unbounded SQL operations via the custom_query() logic, leading to a denial-of-service condition. This issue occurs in llama_index/packs/vanna/base.py within custom_query(). Af [truncated]

HIGH run-llama CVE published 2026-01-12

CVE-2024-14021

CVE-2024-14021 is an unsafe deserialization vulnerability in LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6. The vulnerability exists in the BGEM3Index.load_from_disk() function in llama_index/indices/managed/bge_m3/base.py, which uses pickle.load() to deserialize multi_embed_store.pkl from a user-supplied persist_dir without validation. An attacker who can provide a crafted persis [truncated]