Vendor
Llamastack
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-55178 | Med | 0.27 | 5.3 | 0.00 | Sep 24, 2025 | Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution. | |
| CVE-2026-25211 | Low | 0.14 | 3.2 | 0.00 | Jan 30, 2026 | Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initialization log. |