CVE-2025-1752: CWE-674 Uncontrolled Recursion in run-llama run-llama/llama_index
A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version ~ latest (v0.12.15). The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the max_depth parameter in the get_article_urls function. This allows an attacker to exhaust Python's recursion limit through repeated function calls, leading to resource consumption and ultimately crashing the Python process.
AI Analysis
Technical Summary
CVE-2025-1752 identifies a Denial of Service vulnerability in the run-llama/llama_index project, version ~ latest (v0.12.15). The vulnerability is located in the KnowledgeBaseWebReader class, specifically within the get_article_urls function. The root cause is the lack of proper enforcement of the max_depth parameter, which is intended to limit recursion depth. Without this control, an attacker can cause the function to recurse indefinitely or until Python's recursion limit is reached. This uncontrolled recursion leads to excessive consumption of stack memory and CPU resources, ultimately causing the Python process to crash and resulting in a denial of service. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The CVSS score of 7.5 (high) reflects the ease of exploitation and the significant impact on availability, though confidentiality and integrity remain unaffected. No patches have been linked yet, and no known exploits are reported in the wild. The vulnerability is categorized under CWE-674 (Uncontrolled Recursion), highlighting a secure coding flaw where recursion depth is not properly bounded. This issue is particularly critical for applications relying on run-llama/llama_index for knowledge base or AI-driven content retrieval, as service interruptions could degrade user experience or disrupt dependent workflows.
Potential Impact
For European organizations, the primary impact is on availability. Services or applications using the vulnerable run-llama/llama_index library may experience crashes or downtime due to resource exhaustion caused by uncontrolled recursion. This can disrupt business operations, especially for companies relying on AI-driven knowledge management or content retrieval systems. The vulnerability does not compromise confidentiality or integrity, but denial of service can lead to loss of productivity, customer dissatisfaction, and potential financial losses. Organizations in sectors such as technology, research, finance, and public services that integrate Python-based AI tools are at higher risk. Additionally, if exploited in critical infrastructure or public-facing services, it could affect broader user bases and damage organizational reputation. The absence of authentication requirements means attackers can exploit the vulnerability remotely, increasing the threat surface. Although no active exploits are known, the high CVSS score and ease of exploitation warrant proactive mitigation.
Mitigation Recommendations
To mitigate CVE-2025-1752, organizations should first monitor for updates or patches from the run-llama/llama_index maintainers and apply them promptly once available. In the interim, developers should review and modify the get_article_urls function to enforce strict limits on recursion depth, ensuring the max_depth parameter is correctly implemented and validated. Input validation should be enhanced to reject or sanitize inputs that could trigger excessive recursion. Employ runtime monitoring to detect abnormal resource consumption patterns indicative of recursion abuse. Implement application-level rate limiting or request throttling to reduce the risk of repeated exploit attempts. Consider isolating or sandboxing the vulnerable component to limit the impact of potential crashes. Additionally, incorporate robust error handling to gracefully manage recursion limit exceptions without crashing the entire process. Finally, conduct security code reviews and static analysis focused on recursion and resource management in Python codebases.
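The three code-level recommendations above (enforce and validate max_depth, stop cycles, and contain a RecursionError instead of letting it take the process down) are shown below in an added example. This is not code from run-llama/llama_index: the real KnowledgeBaseWebReader fetches pages over HTTP, whereas here a constructed in-memory link graph with cycles stands in for the web so the example runs offline. The function names, the graph and the fetch_links stand-in are all assumptions. get_article_urls_unbounded reproduces the weak shape the advisory describes (a max_depth argument that is accepted but never compared against the current depth), get_article_urls_bounded enforces it, get_article_urls_iterative keeps crawl depth off the Python call stack entirely, and crawl_safely is the error-handling wrapper.

```python
"""Bounded vs. unbounded recursive link collection (constructed example,
not the llama_index implementation)."""
import sys
from collections import deque

# Constructed link graph standing in for a knowledge base: keys are page
# URLs, values are the links found on that page.  It deliberately contains
# cycles (b -> root, c -> a), which is what a real site looks like and what
# makes an unbounded recursive crawl run until the interpreter gives up.
LINK_GRAPH = {
    "https://kb.example/root": ["https://kb.example/a", "https://kb.example/b"],
    "https://kb.example/a": ["https://kb.example/c"],
    "https://kb.example/b": ["https://kb.example/root"],
    "https://kb.example/c": ["https://kb.example/a"],
}


def fetch_links(url):
    """Stand-in for HTTP fetch + HTML parse; returns the page's outgoing links."""
    return LINK_GRAPH.get(url, [])


def get_article_urls_unbounded(url, max_depth=3, depth=0):
    """Weak pattern (CWE-674): max_depth is a parameter but is never checked,
    so every link is followed and a cycle recurses until RecursionError."""
    urls = [url]
    for link in fetch_links(url):
        urls.extend(get_article_urls_unbounded(link, max_depth, depth + 1))
    return urls


def get_article_urls_bounded(url, max_depth=3, depth=0, visited=None):
    """Hardened recursive form: max_depth is validated and enforced, and a
    visited set stops cycles independently of the depth bound."""
    if isinstance(max_depth, bool) or not isinstance(max_depth, int) or max_depth < 0:
        raise ValueError("max_depth must be a non-negative integer")
    if visited is None:
        visited = set()
    if url in visited or depth > max_depth:
        return []
    visited.add(url)
    urls = [url]
    for link in fetch_links(url):
        urls.extend(get_article_urls_bounded(link, max_depth, depth + 1, visited))
    return urls


def get_article_urls_iterative(url, max_depth=3):
    """Iterative form: an explicit queue carries (url, depth), so crawl depth
    never becomes Python call-stack depth; order is breadth-first."""
    if isinstance(max_depth, bool) or not isinstance(max_depth, int) or max_depth < 0:
        raise ValueError("max_depth must be a non-negative integer")
    visited = {url}
    queue = deque([(url, 0)])
    urls = []
    while queue:
        current, depth = queue.popleft()
        urls.append(current)
        if depth >= max_depth:
            continue
        for link in fetch_links(current):
            if link not in visited:
                visited.add(link)
                queue.append((link, depth + 1))
    return urls


def crawl_safely(crawler, url, max_depth=3):
    """Containment wrapper: a RecursionError from a buggy crawler is caught and
    reported as (urls, error_message) instead of crashing the whole process.
    This is a backstop, not a substitute for enforcing max_depth."""
    try:
        return crawler(url, max_depth), None
    except RecursionError as exc:
        return [], f"recursion limit ({sys.getrecursionlimit()}) exceeded: {exc}"


if __name__ == "__main__":
    root = "https://kb.example/root"
    print("bounded  :", get_article_urls_bounded(root, max_depth=3))
    print("iterative:", get_article_urls_iterative(root, max_depth=3))
    print("unbounded:", crawl_safely(get_article_urls_unbounded, root))
```

Of the two hardened forms, the iterative one is the safer default for a web reader: its memory use is bounded by the visited set rather than by the interpreter's recursion limit, and the depth bound is a plain loop condition that static analysis and code review can see at a glance.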
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: @huntr_ai
- Date Reserved: 2025-02-27T11:24:38.795Z
- Cisa Enriched: true
- Cvss Version: 3.0
- State: PUBLISHED
Threat ID: 682d9816c4522896dcbd6abd
Added to database: 5/21/2025, 9:08:38 AM
Last enriched: 10/15/2025, 1:47:59 PM
Last updated: 11/22/2025, 4:44:43 PM