Platform: nodejs
Component: anything-llm
Fixed in: 1.11.2
CVE-2026-32719 describes a path traversal vulnerability in AnythingLLM, an application that provides context to Large Language Models (LLMs). The flaw allows an attacker to achieve arbitrary code execution through a crafted ZIP file downloaded from the Community Hub. It affects AnythingLLM versions up to and including 1.11.1; a patch (version 1.11.2) resolves the issue.
The vulnerability lies in the ImportedPlugin.importCommunityItemFromUrl() function, which downloads and extracts the ZIP file. The function calls the AdmZip.extractAllTo() method without validating the file paths contained in the archive. This missing validation enables a Zip Slip attack, a well-known technique in which the archive contains entries whose names include directory-traversal sequences (such as ../) or absolute paths, so that on extraction they are written outside the intended extraction directory and can overwrite or expose files there. Successful exploitation could allow an attacker to overwrite critical system files, execute malicious code, or gain unauthorized access to sensitive data within the AnythingLLM environment. The blast radius depends on the permissions of the user running the AnythingLLM process.
This CVE was publicly disclosed on 2026-03-13. There is currently no indication of active exploitation campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog as of this writing. Public proof-of-concept exploits are not yet available, but the nature of the Zip Slip vulnerability suggests that such exploits are likely to emerge.
Exploit Status
EPSS: 0.04% (11th percentile)
CISA SSVC: not provided
CVSS Vector: not provided
The primary mitigation is to upgrade to a patched version of AnythingLLM. Until the patch is applied, consider temporary workarounds: restrict the URLs from which AnythingLLM downloads ZIP files to trusted sources only; place a WAF or proxy in front of the application to inspect incoming ZIP files for path traversal patterns (entry names containing ../ or absolute paths) before AnythingLLM processes them; and scan any downloaded ZIP files for malicious content before importing them. After upgrading, confirm the fix by importing a known-safe ZIP file and verifying that it extracts to the expected location without errors.
Update AnythingLLM to a version later than 1.11.1. This corrects the path traversal and arbitrary code execution vulnerability when importing plugins from the Community Hub.
CVE-2026-32719 is a vulnerability in AnythingLLM versions up to 1.11.1 that allows attackers to execute arbitrary code by crafting malicious ZIP files.
You are affected if you are using AnythingLLM version 1.11.1 or earlier and are importing ZIP files from untrusted sources.
Upgrade to a patched version of AnythingLLM. Until a patch is available, restrict ZIP file sources and scan files before import.
There is currently no indication of active exploitation, but the vulnerability's nature suggests potential for exploitation.
Refer to the official AnythingLLM project's website or repository for security advisories and updates.