{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-25211", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-01-30T07:16:14.082Z", "datePublished": "2026-01-30T07:16:14.350Z", "dateUpdated": "2026-02-03T16:42:00.560Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Llama Stack", "vendor": "llamastack", "versions": [{"lessThan": "0.4.0rc3", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initialization log."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-01-30T07:22:14.986Z"}, "references": [{"url": "https://github.com/llamastack/llama-stack/pull/4439"}, {"url": "https://github.com/llamastack/llama-stack/compare/v0.4.0rc2...v0.4.0rc3"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-03T15:53:16.707713Z", "id": "CVE-2026-25211", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T16:42:00.560Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-25211", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-01-30T07:16:14.082Z", "datePublished": "2026-01-30T07:16:14.350Z", "dateUpdated": "2026-02-03T16:42:00.560Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Llama Stack", "vendor": "llamastack", "versions": [{"lessThan": "0.4.0rc3", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initialization log."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-01-30T07:22:14.986Z"}, "references": [{"url": "https://github.com/llamastack/llama-stack/pull/4439"}, {"url": "https://github.com/llamastack/llama-stack/compare/v0.4.0rc2...v0.4.0rc3"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25211", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-03T15:53:16.707713Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:53:22.217Z"}}]}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initialization log."}], "id": "CVE-2026-25211", "lastModified": "2026-02-04T16:34:21.763", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-01-30T08:16:02.563", "references": [{"source": "cve@mitre.org", "url": "https://github.com/llamastack/llama-stack/compare/v0.4.0rc2...v0.4.0rc3"}, {"source": "cve@mitre.org", "url": "https://github.com/llamastack/llama-stack/pull/4439"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "cve@mitre.org", "type": "Primary"}]}

{"bugzilla": {"description": "llamastack/llama-stack: Sensitive Information Exposure Through Log Files in Llama Stack PGVector Integration", "id": "2427563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427563"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-532", "details": ["A security issue was identified in the Llama Stack server when PGVector is used as a vector store provider. During initialization, the server logs print the PGVector database password in clear text. This occurs due to insufficient redaction of sensitive configuration fields. As a result, anyone with access to the application logs can retrieve database credentials, increasing the risk of unauthorized database access."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, ensure strict access controls are implemented for server and application logs associated with Llama Stack deployments. Restrict log file and directory access to authorized personnel only to prevent unauthorized disclosure of sensitive database credentials. Consider integrating log redaction or encryption solutions if supported by your logging infrastructure for enhanced data protection."}, "name": "CVE-2026-25211", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-llama-stack-k8s-operator-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2026-01-07T12:15:22Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-25211\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-25211"], "statement": "The vulnerability has a Low impact.The flaw involves information exposure through log files in the Llama Stack server when PGVector is configured, where database passwords are logged in plaintext.", "threat_severity": "Low"}

{"created": "2026-02-02T09:27:52.178128+00:00", "updated": "2026-02-02T09:27:52.178154+00:00", "vendors": ["llamastack", "llamastack$PRODUCT$llama_stack"]}