Headline
GHSA-3j8r-jf9w-5cmh: LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit
A vulnerability in the ObsidianReader class of the run-llama/llama_index repository, before version 0.5.2 (specifically in version 0.12.27 of llama-index), allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. The vulnerability arises from inadequate handling of hardlinks in the load_data() method, where the security checks fail to differentiate between real files and hardlinks. This issue is resolved in llama-index-readers-obsidian version 0.5.2.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2025-6210
LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit
Moderate severity GitHub Reviewed Published Jul 7, 2025 to the GitHub Advisory Database • Updated Jul 8, 2025
Package
pip llama-index-readers-obsidian (pip)
Affected versions
< 0.5.2
A vulnerability in the ObsidianReader class of the run-llama/llama_index repository, before version 0.5.2 (specifically in version 0.12.27 of llama-index), allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. The vulnerability arises from inadequate handling of hardlinks in the load_data() method, where the security checks fail to differentiate between real files and hardlinks. This issue is resolved in llama-index-readers-obsidian version 0.5.2.
References
- https://nvd.nist.gov/vuln/detail/CVE-2025-6210
- run-llama/llama_index@a86c96a
- https://huntr.com/bounties/a654b322-a509-4448-a1f5-0f22850b4687
Published to the GitHub Advisory Database
Jul 7, 2025