Vulnerabilities > Mintplexlabs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-3152 | Improper Handling of Exceptional Conditions vulnerability in Mintplexlabs Anythingllm 0.0.1/0.1.0 mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input validation in several endpoints. | 8.8 |
| 2024-06-05 | CVE-2024-4084 | Server-Side Request Forgery (SSRF) vulnerability in Mintplexlabs Anythingllm A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. | 7.5 |
| 2024-01-25 | CVE-2024-0879 | Improper Authentication vulnerability in Mintplexlabs Vector Admin Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address. | 4.3 |
| 2024-01-19 | CVE-2024-22422 | Improper Check for Unusual or Exceptional Conditions vulnerability in Mintplexlabs Anythingllm 0.0.1/0.1.0 AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. | 7.5 |
| 2023-10-30 | CVE-2023-5832 | Improper Input Validation vulnerability in Mintplexlabs Anythingllm 0.0.1 Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. | 9.1 |
| 2023-10-30 | CVE-2023-5833 | Improper Access Control vulnerability in Mintplexlabs Anythingllm 0.0.1 Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0. | 8.8 |
| 2023-09-12 | CVE-2023-4898 | Unspecified vulnerability in Mintplexlabs Anything-Llm Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. | 7.5 |
| 2023-09-12 | CVE-2023-4899 | SQL Injection vulnerability in Mintplexlabs Anything-Llm SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. | 8.8 |
| 2023-09-11 | CVE-2023-4897 | Relative Path Traversal vulnerability in Mintplexlabs Anythingllm Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. | 9.8 |