CVE-2025-63390
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-18

Last updated on: 2025-12-19

Assigner: MITRE

Description
An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed data includes: workspace identifiers (id, name, slug), AI model configurations (chatProvider, chatModel, agentProvider), system prompts (openAiPrompt), operational parameters (temperature, history length, similarity thresholds), vector search settings, chat modes, and timestamps.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-18
Last Modified
2025-12-19
Generated
2026-06-16
AI Q&A
2025-12-18
EPSS Evaluated
2026-06-15
NVD
CVE-2025-63390
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
anythingllm anythingllm 1.8.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-63390 is an authentication bypass vulnerability in AnythingLLM version 1.8.5 affecting the /api/workspaces endpoint. This endpoint does not properly check for authentication, allowing unauthenticated remote attackers to send requests and receive detailed information about all configured workspaces. The exposed information includes workspace identifiers, AI model configurations, system prompts, operational parameters, vector search settings, chat modes, and timestamps. [1]

Impact Analysis

This vulnerability can lead to significant information disclosure, exposing sensitive configuration details of workspaces to unauthorized users. Attackers can enumerate all workspaces and gain insights into AI model settings and operational parameters, which may facilitate privilege escalation and unauthorized access to workspace resources, posing a high-severity security risk. [1]

Detection Guidance

This vulnerability can be detected by sending an unauthenticated HTTP GET request to the /api/workspaces endpoint of an AnythingLLM v1.8.5 instance. If the response returns HTTP 200 status and discloses detailed workspace information without requiring authentication, the system is vulnerable. A sample command using curl would be: curl -i http://<target-host>/api/workspaces [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the /api/workspaces endpoint by implementing proper authentication checks and access controls in the middleware. Until a patch or update is available, consider network-level protections such as firewall rules to limit access to trusted users only. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-63390. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart