CVE-2026-55611
Exploitation: PoC
0.0
CVSS 3.1
Description
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow still deletes the target file by primary key only, with no ownership check, inside two finally{} blocks that run even when the ownership-checked read fails. As a result a manager or admin (multi-user mode) can delete any other user's parsed file in any workspace — including workspaces they are not a member of — by enumerating integer fileIds. The server even returns "File not found" while still deleting the file. This vulnerability is fixed in 1.14.1.
Metadata
Severity & Metrics
0.0
N/D CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Mintplex-Labs | anything-llm | — | < 1.14.1 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-639 | cna | CWE-639: Authorization Bypass Through User-Controlled Key |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 0.0 | N/D | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N |
References (3)
- https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-r872-gr59-vf5w https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-r872-gr59-vf5w
- https://github.com/Mintplex-Labs/anything-llm/commit/34a42a33eaafe78b1e4020995ce8e9fd34d26c65 https://github.com/Mintplex-Labs/anything-llm/commit/34a42a33eaafe78b1e4020995ce8e9fd34d26c65
- https://github.com/Mintplex-Labs/anything-llm/commit/683fe3dfdc74b6d94c445a25bb0f2f218665a4c6 https://github.com/Mintplex-Labs/anything-llm/commit/683fe3dfdc74b6d94c445a25bb0f2f218665a4c6