CVE-2025-6210: LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit

July 7, 2025 (updated July 8, 2025)

A vulnerability in the ObsidianReader class of the run-llama/llama_index repository, before version 0.5.2 (specifically in version 0.12.27 of llama-index), allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. The vulnerability arises from inadequate handling of hardlinks in the load_data() method, where the security checks fail to differentiate between real files and hardlinks. This issue is resolved in llama-index-readers-obsidian version 0.5.2.

References

github.com/advisories/GHSA-3j8r-jf9w-5cmh
github.com/run-llama/llama_index
github.com/run-llama/llama_index/commit/a86c96ae0e662492eeb471b658ae849a93f628ff
huntr.com/bounties/a654b322-a509-4448-a1f5-0f22850b4687
nvd.nist.gov/vuln/detail/CVE-2025-6210

Code Behaviors & Features

Detect and mitigate CVE-2025-6210 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →