Description
A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input in the `loadFlow` and `deleteFlow` methods in `server/utils/agentFlows/index.js`. Specifically, the combination of `path.join` and `normalizePath` allows attackers to bypass directory restrictions and access or delete arbitrary `.json` files on the server. This can lead to information disclosure, such as leaking sensitive configuration files containing API keys, or denial of service by deleting critical files like `package.json`. The issue is resolved in version 1.12.1.
Published: 2026-04-07
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Confidentiality and integrity compromise
Action: Immediate Patch
AI Analysis

Impact

A path traversal flaw in the AgentFlows component of mintplex-labs/anything-llm allows an attacker to supply crafted file names to the loadFlow and deleteFlow functions, enabling arbitrary reading or deletion of .json files on the server. This vulnerability can expose sensitive configuration data, such as API keys, and can delete critical files like package.json, leading to data loss or denial of service. The weakness is a classic CWE‑29 type path validation defect.

Affected Systems

The issue affects all installations of mintplex-labs/anything‑llm up through version 1.9.1. The flaw is limited to the AgentFlows API endpoints and is fixed in release 1.12.1. Users running the earlier releases should verify their version and plan an upgrade.

Risk and Exploitability

With a CVSS score of 7.2 the vulnerability is considered high; its exploitability relies on sending crafted requests to the vulnerable endpoints. Attackers can trigger the flaw remotely via the exposed API; the attack vector is inferred to require authentication or network access, as the vulnerability is only reachable through the API endpoints. The EPSS score of < 1% indicates a very low but nonzero exploitation probability, and the vulnerability has not been catalogued in the CISA KEV list, but the high score indicates a significant risk.

Generated by OpenCVE AI on April 28, 2026 at 21:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade mintplex‑labs/anything‑llm to version 1.12.1 or later
  • Restrict the loadFlow and deleteFlow endpoints to authenticated and authorized users only
  • Ensure file system permissions limit application access to the directory containing .json configuration files

Generated by OpenCVE AI on April 28, 2026 at 21:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 24 Apr 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Mintplexlabs
Mintplexlabs anythingllm
CPEs cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:*
Vendors & Products Mintplexlabs
Mintplexlabs anythingllm
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
First Time appeared Miniplex Labs
Miniplex Labs miniplex Labs/anything Lim
Vendors & Products Miniplex Labs
Miniplex Labs miniplex Labs/anything Lim

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Description A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input in the `loadFlow` and `deleteFlow` methods in `server/utils/agentFlows/index.js`. Specifically, the combination of `path.join` and `normalizePath` allows attackers to bypass directory restrictions and access or delete arbitrary `.json` files on the server. This can lead to information disclosure, such as leaking sensitive configuration files containing API keys, or denial of service by deleting critical files like `package.json`. The issue is resolved in version 1.12.1.
Title Path Traversal in mintplex-labs/anything-llm
Weaknesses CWE-29
References
Metrics cvssV3_0

{'score': 9.1, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Miniplex Labs Miniplex Labs/anything Lim
Mintplexlabs Anythingllm
cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published:

Updated: 2026-04-07T13:52:59.055Z

Reserved: 2026-04-05T18:57:42.463Z

Link: CVE-2026-5627

cve-icon Vulnrichment

Updated: 2026-04-07T13:52:52.891Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T14:16:24.460

Modified: 2026-04-24T13:57:07.697

Link: CVE-2026-5627

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T21:45:26Z

Weaknesses