Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
9.8CVSS
9.2AI Score
0.001EPSS
Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
9.1CVSS
9.2AI Score
0.0005EPSS
Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
8.8CVSS
8.2AI Score
0.001EPSS
AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit 08d33cfd8 an unauthenticated API route (file export) can allow attacker to crash the server resulting in a denial of serv...
7.5CVSS
7.5AI Score
0.0005EPSS
A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. Despite efforts to filter out intranet IP addresses starting with 192, 172...
7.5CVSS
7.2AI Score
0.001EPSS