Platform: javascript
Component: anything-llm
Fixed in: 1.11.2
CVE-2026-32626 describes a critical Cross-Site Scripting (XSS) vulnerability within AnythingLLM Desktop, an application designed to provide context for Large Language Models (LLMs). This vulnerability escalates to Remote Code Execution (RCE) due to an insecure Electron configuration. Versions 1.11.1 and earlier are affected, and exploitation requires no user interaction beyond normal chat usage. A patch is expected to address this issue.
The vulnerability lies in the custom markdown-it image renderer used by the chat rendering pipeline: it writes an image's alt text into the generated HTML without HTML entity escaping, so attacker-controlled alt text is interpreted as markup. Because AnythingLLM Desktop is built on Electron, this XSS can be leveraged to execute arbitrary code on the host operating system. This is a significant security risk: an attacker could gain full control of the affected machine, steal sensitive data, or install malware. Because exploitation requires no user interaction beyond normal chat usage, the attack surface and the potential for widespread compromise are much larger.
Exploitation is considered highly likely given how easy the flaw is to trigger and its RCE outcome. Public proof-of-concept (PoC) code is likely to emerge given the vulnerability's nature. The vulnerability was publicly disclosed on 2026-03-13. Monitor security advisories and threat intelligence feeds for any indication of active exploitation campaigns.
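As an added illustration of the bug class described above (this is not AnythingLLM's renderer), the following constructed markdown-it-style image renderer shows the vulnerable interpolation beside its hardened form. The token shape ({ attrs, content }) and the `escapeHtml` helper mirror markdown-it's conventions but are assumptions here, and the sample token is constructed.

```javascript
// Added illustration of the bug class in the advisory above; this is NOT
// AnythingLLM's renderer. The token shape follows what markdown-it hands a
// custom `image` rule: { attrs: [[name, value], ...], content: rawAltText }.

// Same four replacements markdown-it performs in md.utils.escapeHtml.
// Ampersand goes first so already-produced entities are not double-escaped.
function escapeHtml(str) {
  return String(str)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;');
}

function attr(token, name) {
  const pair = (token.attrs || []).find(([k]) => k === name);
  return pair ? pair[1] : '';
}

// Vulnerable pattern: src is escaped but the alt text is interpolated raw, so a
// double quote in the alt text closes the attribute and whatever follows is
// parsed by the browser as markup.
function renderImageVulnerable(token) {
  const src = escapeHtml(attr(token, 'src'));
  return `<img src="${src}" alt="${token.content}" class="chat-image">`;
}

// Hardened pattern: every untrusted value that lands in an attribute is escaped.
function renderImageSafe(token) {
  const src = escapeHtml(attr(token, 'src'));
  const alt = escapeHtml(token.content);
  const title = attr(token, 'title');
  const titleAttr = title ? ` title="${escapeHtml(title)}"` : '';
  return `<img src="${src}" alt="${alt}"${titleAttr} class="chat-image">`;
}

// Regression check: a single <img> should be the only tag in the output.
// Returns the number of tag openers beyond the one expected.
function extraTagCount(html) {
  return (html.match(/</g) || []).length - 1;
}

// Constructed alt text that merely contains a quote and angle brackets; the
// markdown source would be: ![x" <b>y</b>](https://example.invalid/a.png)
const sampleToken = {
  type: 'image',
  attrs: [['src', 'https://example.invalid/a.png']],
  content: 'x" <b>y</b>',
};

console.log('vulnerable:', renderImageVulnerable(sampleToken));
console.log('hardened:  ', renderImageSafe(sampleToken));
console.log('extra tags:',
  extraTagCount(renderImageVulnerable(sampleToken)),
  extraTagCount(renderImageSafe(sampleToken)));
```

The `extraTagCount` check is the kind of unit test worth keeping in a rendering pipeline: any renderer that takes user-controlled text must produce exactly the tags it intends, regardless of what the text contains.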
Exploit Status:
EPSS: 0.05% (17th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation is to upgrade to a patched version of AnythingLLM Desktop as soon as it becomes available. Until a patch is released, consider disabling or restricting the use of the application, especially in environments with sensitive data. While a direct workaround is not available, implementing Content Security Policy (CSP) within the Electron application could potentially reduce the attack surface, though this requires significant code modification and may impact functionality. Monitor network traffic for suspicious requests related to image rendering within the application.
Update AnythingLLM to a version later than 1.11.1. This fixes the XSS vulnerability that can lead to remote code execution. The update can be performed by downloading the latest version from the official website or using the corresponding package manager.
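The mitigation text above mentions the insecure Electron configuration and a CSP as a possible hardening step without naming the specific settings involved. As an added defensive check that is not AnythingLLM's code, the following audits the Electron BrowserWindow webPreferences flags that most commonly let page script reach Node or OS APIs, and tests whether a Content-Security-Policy string still permits inline script (inline event handlers count as inline script under CSP). The baseline of secure defaults and the sample configurations are assumptions constructed for the example.

```javascript
// Added defensive checks, not AnythingLLM's code. The advisory says the XSS
// became RCE through an insecure Electron configuration without naming the
// setting, so this audits the webPreferences flags that most often let page
// script reach Node/OS APIs, and checks whether a CSP still permits inline
// script (inline event handlers count as inline script under CSP).

// Assumed secure baseline (Electron's defaults): nodeIntegration=false,
// contextIsolation=true, sandbox=true, webSecurity=true. Only explicit
// weakenings are reported.
function auditWebPreferences(prefs = {}) {
  const findings = [];
  if (prefs.nodeIntegration === true) {
    findings.push('nodeIntegration: page script can require() Node modules');
  }
  if (prefs.nodeIntegrationInWorker === true) {
    findings.push('nodeIntegrationInWorker: web workers get Node access');
  }
  if (prefs.contextIsolation === false) {
    findings.push('contextIsolation off: preload globals are reachable from page script');
  }
  if (prefs.sandbox === false) {
    findings.push('sandbox off: renderer runs outside the OS process sandbox');
  }
  if (prefs.webSecurity === false) {
    findings.push('webSecurity off: same-origin policy disabled');
  }
  return findings;
}

// Minimal Content-Security-Policy parser: "name src src; name src" -> map.
function parseCsp(csp) {
  const directives = {};
  for (const part of String(csp).split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const [name, ...sources] = tokens;
    directives[name.toLowerCase()] = sources;
  }
  return directives;
}

// Inline script is allowed when there is no governing directive at all, or
// when the governing directive lists 'unsafe-inline' without any nonce or
// hash source (a nonce/hash source makes browsers ignore 'unsafe-inline').
function cspAllowsInlineScript(csp) {
  const d = parseCsp(csp);
  const sources = d['script-src'] || d['default-src'];
  if (!sources) return true;
  const hasNonceOrHash = sources.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
  return sources.includes("'unsafe-inline'") && !hasNonceOrHash;
}

// Constructed configurations for the checks below (not AnythingLLM's values).
const weakPrefs = { nodeIntegration: true, contextIsolation: false, sandbox: false };
const hardenedPrefs = { nodeIntegration: false, contextIsolation: true, sandbox: true };
const weakCsp = "default-src 'self'; script-src 'self' 'unsafe-inline'";
const hardenedCsp = "default-src 'self'; script-src 'self'; img-src 'self' https:";

console.log('weak prefs findings:', auditWebPreferences(weakPrefs));
console.log('hardened prefs findings:', auditWebPreferences(hardenedPrefs));
console.log('inline script allowed:', cspAllowsInlineScript(weakCsp), cspAllowsInlineScript(hardenedCsp));
```

A CSP that blocks inline script does not remove the XSS itself, which is why the upgrade remains the primary fix; it limits what injected markup can do, and the webPreferences audit limits how far a successful script injection can reach.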
CVE-2026-32626 is a critical vulnerability in AnythingLLM Desktop versions up to 1.11.1 that allows attackers to execute code on the host system through an XSS flaw in the image rendering pipeline.
Yes, if you are using AnythingLLM Desktop version 1.11.1 or earlier, you are vulnerable to this RCE attack.
Upgrade to the latest version of AnythingLLM Desktop as soon as a patch is released. Until then, restrict usage and monitor for suspicious activity.
While active exploitation is not yet confirmed, the vulnerability's ease of exploitation suggests it is likely to be targeted soon. Monitor security advisories for updates.
Refer to the official AnythingLLM project website and security advisories for the latest information and patch releases.