Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MintplexlabsAnythingllm

3 matches found

CVE
CVEadded 2024/05/20 1:15 p.m.83 views

CVE-2024-4287

In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to /api/workspace/:workspace-slug/update, allowing it to be executed as part of a ...

8.1CVSS7.8AI score0.00158EPSS
CVE
CVEadded 2024/05/07 12:15 a.m.59 views

CVE-2024-2913

A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically within the user invite acceptance process. Attackers can exploit this vulnerability by sending multiple concurrent requests to accept a single user invite, allowing the creation of multiple user account...

6.5CVSS6.6AI score0.00084EPSS
CVE
CVEadded 2024/05/19 11:15 p.m.52 views

CVE-2024-4284

A vulnerability in mintplex-labs/anything-llm allows for a denial of service (DoS) condition through the modification of a user's id attribute to a value of 0. This issue affects the current version of the software, with the latest commit id 57984fa85c31988b2eff429adfc654c46e0c342a. By exploiting t...

4.9CVSS6.8AI score0.00136EPSS