VYPR
Medium severity5.3OSV Advisory· Published Sep 24, 2025· Updated Apr 15, 2026

CVE-2025-55178

CVE-2025-55178

Description

Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
llama-stackPyPI
< 0.2.200.2.20

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.