Mintplex-Labs

mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within …

An improper access control vulnerability exists in the mintplex-labs/anything-llm application, specifically within the import endpoint. This vulnerab…

A vulnerability in mintplex-labs/anything-llm allows for a Denial of Service (DoS) condition due to uncontrolled resource consumption. Specifically, …

In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where the password hash of a user is returned in the respon…

An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of mintplex-labs/anything-llm. This vulnerability allows atta…

A path traversal vulnerability in mintplex-labs/anything-llm allowed a manager to bypass the `normalizePath()` function, intended to defend against p…

In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows users with Default or Manager roles to escalate their …

A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex-labs/anything-llm. This feature, intended for users …

mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of serv…

A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and the latest …