Vulnerabilities > Mintplexlabs

DATE CVE VULNERABILITY TITLE RISK
2024-01-25 CVE-2024-0879 Improper Authentication vulnerability in Mintplexlabs Vector Admin
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.
network
low complexity
mintplexlabs CWE-287
4.3
4.3
2024-01-19 CVE-2024-22422 Improper Check for Unusual or Exceptional Conditions vulnerability in Mintplexlabs Anythingllm 0.0.1/0.1.0
AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting.
network
low complexity
mintplexlabs CWE-754
7.5
7.5
2023-10-30 CVE-2023-5832 Improper Input Validation vulnerability in Mintplexlabs Anythingllm 0.0.1
Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
network
low complexity
mintplexlabs CWE-20
critical
 9.1
9.1
2023-10-30 CVE-2023-5833 Improper Access Control vulnerability in Mintplexlabs Anythingllm 0.0.1
Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.
network
low complexity
mintplexlabs CWE-284
8.8
8.8
2023-09-12 CVE-2023-4898 Unspecified vulnerability in Mintplexlabs Anything-Llm
Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
network
low complexity
mintplexlabs
7.5
7.5
2023-09-12 CVE-2023-4899 SQL Injection vulnerability in Mintplexlabs Anything-Llm
SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
network
low complexity
mintplexlabs CWE-89
8.8
8.8
2023-09-11 CVE-2023-4897 Relative Path Traversal vulnerability in Mintplexlabs Anythingllm
Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
network
low complexity
mintplexlabs CWE-23
critical
 9.8
9.8