CVE-2024-3271
Published 2024-04-16
Priority P271 · Severity: critical · CVSS 3.0 base score: 9.8
CVSS 3.0 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.86% (85.0th percentile)
A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by an LLM, to execute arbitrary code. This is achieved by crafting input that does not contain an underscore but still results in the execution of OS commands. The vulnerability allows for remote code execution (RCE) on the server hosting the application.
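As an added illustration (this is not llama_index's own code; it assumes Python 3.9+ and hypothetical allowlists), the denylist check the advisory describes is shown beside an allowlist alternative: `weak_is_safe` mirrors the underscore test, `hardened_is_safe` parses the expression and accepts only listed AST node types, listed names and non-private attributes, and `guarded_eval` evaluates with an explicit builtins table.

```python
import ast

def weak_is_safe(code: str) -> bool:
    """Denylist check modelled on the mechanism the advisory describes:
    refuse any code containing an underscore. A single forbidden character
    is not a security boundary; names and calls that never spell '_' pass."""
    return "_" not in code

# Hypothetical allowlists for the hardened validator (not from llama_index).
SAFE_BUILTINS = {"len": len, "min": min, "max": max, "sum": sum, "round": round}
ALLOWED_NAMES = {"df"} | set(SAFE_BUILTINS)
ALLOWED_NODES = (
    ast.Expression, ast.BinOp, ast.UnaryOp, ast.Compare, ast.BoolOp,
    ast.Constant, ast.Name, ast.Load, ast.Subscript, ast.Slice, ast.Attribute,
    ast.Call, ast.keyword, ast.List, ast.Tuple, ast.Dict,
    ast.Add, ast.Sub, ast.Mult, ast.Div, ast.Mod, ast.Pow, ast.USub,
    ast.Eq, ast.NotEq, ast.Lt, ast.LtE, ast.Gt, ast.GtE, ast.And, ast.Or, ast.Not,
)

def hardened_is_safe(code: str) -> bool:
    """Allowlist check: parse the code and accept only known-benign node
    types, listed names, and attribute access that is not private/dunder."""
    try:
        tree = ast.parse(code, mode="eval")
    except SyntaxError:          # statements such as 'import os' never parse here
        return False
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):
            return False         # lambdas, comprehensions, f-strings, starred, ...
        if isinstance(node, ast.Name) and node.id not in ALLOWED_NAMES:
            return False         # unlisted variables and builtins (print, open, ...)
        if isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            return False         # no dunder or _private attribute access
        if isinstance(node, ast.Call) and not isinstance(node.func, (ast.Name, ast.Attribute)):
            return False         # no calling the result of an arbitrary expression
    return True

def guarded_eval(code: str, env: dict):
    """Validate, then evaluate with an explicit builtins table so even a
    name that slipped past the validator resolves to nothing dangerous.
    Raises ValueError on rejection. This only narrows the in-process attack
    surface; untrusted code is better run in an out-of-process sandbox."""
    if not hardened_is_safe(code):
        raise ValueError(f"rejected LLM-generated expression: {code!r}")
    scope = {k: v for k, v in env.items() if k in ALLOWED_NAMES}
    return eval(compile(ast.parse(code, mode="eval"), "<llm>", "eval"),
                {"__builtins__": SAFE_BUILTINS}, scope)
```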
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| llamaindex | llamaindex | >= 0.10.6 < 0.10.26 | 0.10.26 |
| run-llama | run-llama_llama_index | >= unspecified < 10.26 | 10.26 |
GHSA (2024-04-16): CVE-2024-3271 [CRITICAL] CWE-77 llama-index-core Command Injection vulnerability
OSV (2024-04-16): CVE-2024-3271 [CRITICAL] llama-index-core Command Injection vulnerability
No detection rules found.
No public exploits indexed.
arXiv (arxiv_fulltext, 2026-03-12)
Cascade: Composing Software-Hardware Attack Gadgets for Adversarial Threat Amplification in Compound AI Systems
Sarbartha Banerjee (The University of Texas at Austin, Georgia Tech), Prateek Sahu (The University of Texas at Austin), Anjo Vahldiek-Oberwagner (Intel Labs), Jose Sanchez Vicarte (Microsoft), Mohit Tiwari (The University of Texas at Austin, Symmetry Systems). Sarbartha Banerjee and Prateek Sahu are equal contributors.
## Abstract
Rapid progress in generative AI has given rise to Compound AI systems: pipelines comprised of multiple large language models (LLMs), software tools and database systems.
Compound AI systems are constructed on a layered traditional software stack running on a distributed hardware infrastructure.
Many of the diverse software components are vulnerable to tradit
arXiv (arxiv_fulltext, 2025-02-18)
SoK: Understanding Vulnerabilities in the Large Language Model Supply Chain
Shenao Wang, Yanjie Zhao, Zhao Liu, Quanchen Zou, Haoyu Wang (Huazhong University of Science and Technology; 360 AI Security Lab)
## Abstract
Large Language Models (LLMs) transform artificial intelligence, driving advancements in natural language understanding, text generation, and autonomous systems. The increasing complexity of their development and deployment introduces significant security challenges, particularly within the LLM supply chain. However, existing research primarily focuses on content safety, such as adversarial attacks, jailbreaking, and backdoor attacks, while overlooking security vulnerabilities in the underlying software systems. To address this gap, this study systematically anal
References
https://github.com/run-llama/llama_index/commit/5fbcb5a8b9f20f81b791c7fc8849e352613ab475
https://huntr.com/bounties/9b32490e-7cf9-470e-8d49-ba083ae7a279