VYPR

PyPI package

llama-stack

pkg:pypi/llama-stack

Vulnerabilities (2)

  • CVE-2026-25211LowJan 30, 2026
    affected < 0.4.4fixed 0.4.4

    Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initialization log.

  • CVE-2025-55178MedSep 24, 2025
    affected < 0.2.20fixed 0.2.20

    Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution.