CNNVD-202601-5079 Information

CNNVD ID

CNNVD-202601-5079

Related CVE

CVE-2026-25211

• CNNVD Published: 2026-01-30

Description (Chinese)

Llama Stack是Meta Llama开源的一个简化人工智能应用开发的核心构建模块。 Llama Stack 0.4.0rc3之前版本存在日志信息泄露漏洞，该漏洞源于初始化日志未隐藏pgvector密码，可能导致敏感信息泄露。

Description (English)

Llama Stack is a core construction module to simplify the development of artificial intelligence applications at the Meta Llama Open Source. Prior to Llama Stack 0.4.0rc3, there was a leak in log information, which originated from the fact that the initialization log did not hide the pgvector password, which could lead to the disclosure of sensitive information.

Hazard Level

Critical

Vulnerability Type

日志信息泄露

Affected Vendor

Meta Llama

Published

2026-01-30

Last Modified

2026-02-24

References

https://github.com/llamastack/llama-stack/compare/v0.4.0rc2…v0.4.0rc3 https://github.com/llamastack/llama-stack/pull/4439

Patch

https://llamastack.github.io/