AnythingLLM: Windows path containment bypass in document folder route

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents directory. The shared path containment helper rejects POSIX-style "../" traversal but does not reject Windows-style parent paths returned by path.relative(), such as "..". This vulnerability is fixed in 1.13.0.

Basic Information

ID CVE-2026-48789

Source GitHub_M

Published Jun 24, 2026 at 17:13

Affected Product

Vendor Mintplex-Labs

Product anything-llm

Version < 1.13.0

Affected Versions Mintplex-Labs anything-llm < 1.13.0

CWE Classification

CWE-22

References

github.com /Mintplex-Labs/anything-llm/security/advisories/GHSA-j4m9-wwcq-m868

{
    "lastseen": "",
    "description": "AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents directory. The shared path containment helper rejects POSIX-style \"../\" traversal but does not reject Windows-style parent paths returned by path.relative(), such as \"..\". This vulnerability is fixed in 1.13.0.",
    "published": "2026-06-24T17:13:20.168Z",
    "modified": "2026-06-24T17:13:20.168Z",
    "type": "cve",
    "title": "AnythingLLM: Windows path containment bypass in document folder route",
    "source": "GitHub_M",
    "references": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-j4m9-wwcq-m868",
    "id": "CVE-2026-48789",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Mintplex-Labs anything-llm < 1.13.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "anything-llm",
    "version": "< 1.13.0",
    "vendor": "Mintplex-Labs",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

AnythingLLM: Windows path containment bypass in document folder route_CVE-2026-48789