Aggregates CVE and security vulnerability intelligence across all Mintplexlabs-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling, vendor risk cross-site scripting, and vendor risk ssrf and related problems; some flaws may lead to vendor impact file overwrite and vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-0798 | A privilege escalation vulnerability exists in mintplex-labs/anything-llm, allowing users with 'default' role to delete documents uploaded by 'admin'. Despite the intended restriction that prevents 'default' role users from deleting admin-uploaded documents, an attacker can exploit this vulnerability by sending a crafted DELETE request to the /api/system/remove-document endpoint. This vulnerability is due to improper access control checks, enabling unauthorized document deletion and potentially | [email protected] | 6.5 | 0.57% | 2024-02-26 | 2026-06-17 |
| CVE-2024-0455 | The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL ``` http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance ``` which is a special IP and URL that resolves only when the request comes from within an EC2 instance. This would allow the user to see the connection/secret credentials for their specific instance and be able to manage it rega | [email protected] | 7.5 | 0.81% | 2024-02-26 | 2026-06-17 |
| CVE-2024-0440 | Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files. | [email protected] | 6.5 | 0.64% | 2024-02-26 | 2026-06-17 |
| CVE-2024-0439 | As a manager, you should not be able to modify a series of settings. In the UI this is indeed hidden as a convenience for the role since most managers would not be savvy enough to modify these settings. They can use their token to still modify those settings though through a standard HTTP request While this is not a critical vulnerability, it does indeed need to be patched to enforce the expected permission level. | [email protected] | 8.8 | 0.64% | 2024-02-26 | 2026-06-17 |
| CVE-2024-0436 | Theoretically, it would be possible for an attacker to brute-force the password for an instance in single-user password protection mode via a timing attack given the linear nature of the `!==` used for comparison. The risk is minified by the additional overhead of the request, which varies in a non-constant nature making the attack less reliable to execute | [email protected] | 5.9 | 0.48% | 2024-02-26 | 2026-06-17 |
| CVE-2024-0435 | User can send a chat that contains an XSS opportunity that will then run when the chat is sent and on subsequent page loads. Given the minimum requirement for a user to send a chat is to be given access to a workspace via an admin the risk is low. Additionally, the location in which the XSS renders is only limited to the user who submits the XSS. Ultimately, this attack is limited to the user attacking themselves. There is no anonymous chat submission unless the user does not take the minimum | [email protected] | 5.4 | 0.47% | 2024-02-26 | 2026-06-17 |
| CVE-2024-0879 | Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address. | [email protected] | 6.5 | 0.38% | 2024-01-25 | 2026-06-17 |
| CVE-2024-22422 | AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit `08d33cfd8` an unauthenticated API route (file export) can allow attacker to crash the server resulting in a denial of service attack. The “data-export” endpoint is used to export files using the filename parameter as user input. The endpoint takes the user input, filters it to avoid directory traversal attacks, fetches | [email protected] | 7.5 | 1.04% | 2024-01-18 | 2026-06-17 |
| CVE-2023-5833 | Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. | [email protected] | 8.8 | 0.63% | 2023-10-30 | 2026-06-17 |
| CVE-2023-5832 | Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. | [email protected] | 9.1 | 0.73% | 2023-10-30 | 2026-06-17 |
| CVE-2023-4899 | SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. | [email protected] | 8.8 | 0.65% | 2023-09-11 | 2026-06-17 |
| CVE-2023-4898 | Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. | [email protected] | 7.5 | 0.58% | 2023-09-11 | 2026-06-17 |
| CVE-2023-4897 | Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. | [email protected] | 9.8 | 0.75% | 2023-09-11 | 2026-06-17 |