Platform
nodejs
Component
anything-llm
Fixed in
1.12.1
CVE-2026-5627 is a path traversal vulnerability in mintplex-labs/anything-llm versions prior to 1.12.1, located in the AgentFlows component. Attacker-controlled input reaches a filesystem path without adequate validation, allowing the intended directory restriction to be bypassed and sensitive files to be read or deleted. The issue is patched in version 1.12.1.
CVE-2026-5627 in mintplex-labs/anything-llm (versions up to and including 1.9.1) is a path traversal vulnerability in the AgentFlows component that lets an attacker read or delete arbitrary .json files on the server, compromising data confidentiality and integrity. The root cause is the combination of path.join and normalizePath in the loadFlow and deleteFlow methods of server/utils/agentFlows/index.js: the sanitization applied there does not prevent the resulting path from escaping the flows directory. An attacker could, for example, read secrets held in JSON configuration files or delete workflows the application depends on, disrupting its functionality. The CVSS severity score of 9.1 rates the issue critical and warrants immediate attention.
The vulnerability is exploited by manipulating the input that reaches the loadFlow and deleteFlow methods. An attacker supplies a flow identifier containing traversal sequences such as ../ which, once passed through path.join and normalizePath, resolve to a location outside the intended flows directory. Because the input is not validated against an allowed shape before it is used to build a path, the attacker can bypass the directory restriction and target any .json file the server process can reach. Exploitation requires access to the application through its web interface or API.
Exploit Status
EPSS
0.04% (13% percentile)
CISA SSVC
CVSS Vector
The recommended solution is to upgrade to version 1.12.1 or later of mintplex-labs/anything-llm, which corrects the path traversal by validating the user-supplied identifier before it is used with path.join and normalizePath. In addition, review the permissions of the server process so that it can only reach the files it needs, include regular security testing and vulnerability scanning in the software security policy, and monitor server logs for suspicious activity as a preventive measure.
Update the anything-llm package to version 1.12.1 or later to mitigate the directory traversal vulnerability. This update corrects how user input is handled, preventing unauthorized access to sensitive files on the server.
Versions of anything-llm up to and including 1.9.1 are vulnerable to CVE-2026-5627.
Check the installed version of anything-llm in your project. If it is older than 1.12.1, treat the deployment as vulnerable.
As a temporary measure, restrict access to sensitive .json files on the server and monitor logs for suspicious activity.
Vulnerability scanning tools are being developed to detect this vulnerability. Check security sources for updates.
CVSS 9.1 indicates a critical vulnerability with a high degree of exploitability and a significant impact on the confidentiality, integrity, and availability of the system.