PYSEC-2026-398

Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/llama-index-packs-finchat/PYSEC-2026-398.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-398
Aliases
Published
2026-06-29T11:50:35.108513Z
Modified
2026-06-29T12:15:28.197768387Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
llama-index-packs-finchat SQL Injection vulnerability
Details

A vulnerability in the FinanceChatLlamaPack of the llama-index-packs-finchat package, versions up to v0.3.0, allows for SQL injection in the run_sql_query function of the database_agent. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality.

The issue is resolved by no longer officially supporting the package and moving it into the stale_packages branch on the repo, thus removing it from the documentation and other distribution channels.
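The advisory describes an agent that passes model-generated SQL straight to PostgreSQL. The following is an added example, not code from llama-index-packs-finchat, of the kind of allowlist gate a defender would put in front of such a run_sql_query step as defense in depth (the database role should still be read-only and should not have large-object or file privileges). Function names, the blocked-function list and the sample queries are assumptions constructed for illustration.

```python
import re

# Constructed example: an allowlist gate for LLM-generated SQL before it
# reaches PostgreSQL. Not the project's own code; rules are illustrative.

# Functions and statements that touch the filesystem, run code or write data.
# The advisory names large objects (lo_*); the others are the same class.
_BLOCKED = re.compile(
    r"\b(lo_import|lo_export|lo_from_bytea|pg_read_file|pg_read_binary_file|"
    r"pg_ls_dir|copy|dblink|insert|update|delete|drop|alter|create|truncate|"
    r"grant|execute|do)\b",
    re.IGNORECASE,
)
_FIRST_KEYWORD = re.compile(r"^\s*(select|with)\b", re.IGNORECASE)


def strip_comments(sql: str) -> str:
    """Remove -- and /* */ comments so they cannot hide a second statement."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.DOTALL)
    return re.sub(r"--[^\n]*", " ", sql)


def is_single_statement(sql: str) -> bool:
    """True if no ';' occurs outside single-quoted string literals."""
    in_string = False
    for ch in sql.rstrip().rstrip(";"):  # one trailing ';' is allowed
        if ch == "'":
            in_string = not in_string
        elif ch == ";" and not in_string:
            return False
    return True


def sql_is_readonly(sql: str) -> bool:
    """Allow only a single SELECT/WITH query with no writing or file functions.

    Note that a WITH query can wrap a data-modifying statement in PostgreSQL,
    so the blocked-keyword scan runs over the whole text, not just the start.
    """
    sql = strip_comments(sql)
    if not is_single_statement(sql):
        return False
    if not _FIRST_KEYWORD.match(sql):
        return False
    if re.search(r"\binto\b", sql, re.IGNORECASE):  # SELECT ... INTO creates a table
        return False
    return _BLOCKED.search(sql) is None
```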

References

Affected packages

PyPI / llama-index-packs-finchat

Package

Name
llama-index-packs-finchat
Purl
pkg:pypi/llama-index-packs-finchat

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Last affected
0.3.0

Affected versions

0.*
0.1.0
0.1.1
0.2.0
0.3.0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/llama-index-packs-finchat/PYSEC-2026-398.yaml"