Vendor CVEs
Mintplex Labs
All CVEs
70 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-48116 | Mintplex Labs / anything-llm | High | 0.42 | 7.5 | 0.00 | — | May 28, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the filesystem-search-files agent skill passes its LLM-controlled pattern parameter to ripgrep as a positional argument without a --… |
| CVE-2026-5627 | Mintplex Labs / anything-llm | High | 0.40 | 7.2 | 0.01 | — | Apr 7, 2026 | A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input in the `loadFlow` and `deleteFlow` methods in… |
| CVE-2026-41318 | Mintplex Labs / anything-llm | Medium | 0.28 | 5.4 | 0.00 | — | Apr 24, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, AnythingLLM's in-chat markdown renderer has an unsafe custom rule for images that interpolates the markdown image's `alt` text… |
| CVE-2024-4286 | Mintplex Labs / anything-llm | Medium | 0.25 | 4.9 | 0.00 | — | May 26, 2024 | Mintplex-Labs' anything-llm application is vulnerable to improper neutralization of special elements used in an expression language statement, identified in the commit id `57984fa85c31988b2eff429adfc654c46e0c342a`. The vulnerability arises from the application's handling of user… |
| CVE-2026-42456 | Mintplex Labs / anything-llm | Medium | 0.21 | 4.3 | 0.00 | — | May 8, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLLM returns the text-to-speech audio for another user's chat response within the… |
| CVE-2026-47713 | Mintplex Labs / anything-llm | Low | 0.06 | 2.0 | 0.00 | — | May 28, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user -> multi-user migration even when the device record… |
| CVE-2026-45403 | Mintplex Labs / anything-llm | Low | 0.06 | 2.0 | 0.00 | — | May 28, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the AnythingLLM agent filesystem copy tool validates only the top-level source and destination paths. The recursive copy helper then… |
| CVE-2024-6842 | Mintplex Labs / anything-llm | — | 0.02 | — | 0.29 | — | Mar 20, 2025 | In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be… |
| CVE-2024-13059 | Mintplex Labs / anything-llm | — | 0.02 | — | 0.20 | — | Feb 10, 2025 | A vulnerability in mintplex-labs/anything-llm prior to version 1.3.1 allows for path traversal due to improper handling of non-ASCII filenames in the multer library. This vulnerability can lead to arbitrary file write, which can subsequently result in remote code execution. The… |
| CVE-2026-24477 | Mintplex Labs / anything-llm | — | 0.01 | — | 0.02 | — | Jan 26, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text… |
| CVE-2026-55611 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Jun 24, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST… |
| CVE-2026-48789 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Jun 24, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents… |
| CVE-2026-32719 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 13, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The ImportedPlugin.importCommunityItemFromUrl() function in server/utils/agents/imported.js downloads a ZIP file from a community… |
| CVE-2026-32717 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 13, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, in multi-user mode, AnythingLLM blocks suspended users on the normal JWT-backed session path, but it does not block them on the… |
| CVE-2026-32715 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 13, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The two generic system-preferences endpoints allow manager role access, while every other surface that touches the same settings is… |
| CVE-2026-32628 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 13, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL… |
| CVE-2026-32626 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Mar 13, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, AnythingLLM Desktop contains a Streaming Phase XSS vulnerability in the chat rendering pipeline that escalates to Remote Code… |
| CVE-2026-32617 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 13, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, On default installations where no password or API key has been configured, all HTTP endpoints and the agent WebSocket lack… |
| CVE-2026-24478 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jan 26, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.10.0, a critical Path Traversal vulnerability in the DrupalWiki integration allows a malicious admin (or an attacker who can convince an… |
| CVE-2026-21484 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jan 3, 2026 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to commit e287fab56089cf8fcea9ba579a3ecdeca0daa313, the password recovery endpoint returns different error messages depending on whether a username… |
| CVE-2025-63390 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Dec 18, 2025 | An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured… |
| CVE-2024-8196 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Mar 20, 2025 | In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server port 3001 on 0.0.0.0 with no authentication by default. This vulnerability allows an attacker to gain full backend access, enabling them to perform actions such as deleting all data… |
| CVE-2024-8248 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Mar 20, 2025 | A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041 allows for path traversal, leading to arbitrary file read and write in the storage directory. This can result in privilege escalation from manager to admin. The issue is fixed in… |
| CVE-2024-10513 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Mar 20, 2025 | A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By… |
| CVE-2024-8249 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Mar 20, 2025 | mintplex-labs/anything-llm version git 6dc3642 contains an unauthenticated Denial of Service (DoS) vulnerability in the API for the embeddable chat functionality. An attacker can exploit this vulnerability by sending a malformed JSON payload to the API endpoint, causing a server… |
| CVE-2024-10109 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 20, 2025 | A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint "/api/system/custom-models". This access enables them to modify the model's API key and base path, leading to potential API key… |
| CVE-2024-7771 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Mar 20, 2025 | A vulnerability in the Dockerized version of mintplex-labs/anything-llm (latest, digest 1d9452da2b92) allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance.… |
| CVE-2024-8251 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Mar 20, 2025 | A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection. The issue exists in the API endpoint "/embed/:embedId/stream-chat" where user-provided JSON is directly taken to the Prisma library's where clause. An attacker can exploit this by… |
| CVE-2024-7783 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Oct 29, 2024 | mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in single user mode. When decoded, the JWT reveals the password in plaintext. This… |
| CVE-2024-3279 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Aug 9, 2024 | An improper access control vulnerability exists in the mintplex-labs/anything-llm application, specifically within the import endpoint. This vulnerability allows an anonymous attacker, without an account in the application, to import their own database file, leading to the… |
| CVE-2024-5216 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 25, 2024 | A vulnerability in mintplex-labs/anything-llm allows for a Denial of Service (DoS) condition due to uncontrolled resource consumption. Specifically, the issue arises from the application's failure to limit the size of usernames, enabling attackers to create users with… |
| CVE-2024-5213 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Jun 20, 2024 | In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where the password hash of a user is returned in the response after login (`POST /api/request-token`) and after account creations (`POST /api/admin/users/new`). This exposure occurs because… |
| CVE-2024-5208 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 19, 2024 | An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the… |
| CVE-2024-5211 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 12, 2024 | A path traversal vulnerability in mintplex-labs/anything-llm allowed a manager to bypass the `normalizePath()` function, intended to defend against path traversal attacks. This vulnerability enables the manager to read, delete, or overwrite the 'anythingllm.db' database file and… |
| CVE-2024-3150 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows users with Default or Manager roles to escalate their privileges to Administrator. The issue arises from improper input validation when handling HTTP POST requests to the endpoint… |
| CVE-2024-3149 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex-labs/anything-llm. This feature, intended for users with manager or admin roles, processes uploaded links through an internal Collector API using a headless browser. An attacker can… |
| CVE-2024-3153 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability… |
| CVE-2024-3166 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and the latest version of the web application. The vulnerability arises from the application's feature to fetch and embed content from websites… |
| CVE-2024-3102 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Jun 6, 2024 | A JSON Injection vulnerability exists in the `mintplex-labs/anything-llm` application, specifically within the username parameter during the login process at the `/api/request-token` endpoint. The vulnerability arises from improper handling of values, allowing attackers to… |
| CVE-2024-3110 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | A stored Cross-Site Scripting (XSS) vulnerability exists in the mintplex-labs/anything-llm application, affecting versions up to and including the latest before 1.0.0. The vulnerability arises from the application's failure to properly sanitize and validate user-supplied URLs… |
| CVE-2024-3104 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper handling of environment variables. Attackers can exploit this vulnerability by injecting arbitrary environment variables via the `POST /api/system/update-env` endpoint, which allows for… |
| CVE-2024-3033 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | An improper authorization vulnerability exists in the mintplex-labs/anything-llm application, specifically within the '/api/v/' endpoint and its sub-routes. This flaw allows unauthenticated users to perform destructive actions on the VectorDB, including resetting the database… |
| CVE-2024-3152 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Jun 6, 2024 | mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input validation in several endpoints. An attacker can exploit these vulnerabilities to escalate privileges from a default user role to an admin role, read and delete arbitrary files on the… |
| CVE-2024-4084 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | Jun 5, 2024 | A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. Despite efforts to filter out intranet IP addresses… |
| CVE-2024-4287 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | May 20, 2024 | In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to `/api/workspace/:workspace-slug/update`, allowing it to be… |
| CVE-2024-4284 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | May 19, 2024 | A vulnerability in mintplex-labs/anything-llm allows for a denial of service (DoS) condition through the modification of a user's `id` attribute to a value of 0. This issue affects the current version of the software, with the latest commit id… |
| CVE-2024-2913 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.00 | — | May 6, 2024 | A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically within the user invite acceptance process. Attackers can exploit this vulnerability by sending multiple concurrent requests to accept a single user invite, allowing the creation of… |
| CVE-2024-3029 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Apr 16, 2024 | In mintplex-labs/anything-llm, an attacker can exploit improper input validation by sending a malformed JSON payload to the '/system/enable-multi-user' endpoint. This triggers an error that is caught by a catch block, which in turn deletes all users and disables the… |
| CVE-2024-0549 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Apr 16, 2024 | mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing unauthorized attackers with a default role account to delete files and folders within the filesystem, including critical database files such as 'anythingllm.db'. The vulnerability stems from… |
| CVE-2024-3028 | Mintplex Labs / anything-llm | — | 0.00 | — | 0.01 | — | Apr 16, 2024 | mintplex-labs/anything-llm is vulnerable to improper input validation, allowing attackers to read and delete arbitrary files on the server. By manipulating the 'logo_filename' parameter in the 'system-preferences' API endpoint, an attacker can construct requests to read… |
Page 1 of 2