CVE-2026-5627
Path Traversal in mintplex-labs/anything-llm AgentFlows Risks Data Loss
Publication date: 2026-04-07
Last updated on: 2026-04-24
Assigner: huntr.dev
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mintplexlabs | anythingllm | to 1.9.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-29 | The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-5627 is a path traversal vulnerability in the mintplex-labs/anything-llm software, specifically in versions up to and including 1.9.1 within the AgentFlows component. The issue arises from improper handling of user input in the loadFlow and deleteFlow methods, where the combination of path.join and normalizePath allows attackers to bypass directory restrictions.
This vulnerability enables attackers to access or delete arbitrary .json files on the server, which should normally be restricted. This can lead to unauthorized information disclosure or denial of service.
How can this vulnerability impact me? :
The vulnerability can have serious impacts including information disclosure and denial of service. Attackers can exploit it to leak sensitive configuration files that may contain API keys or other confidential data.
Additionally, attackers can delete critical files such as package.json, potentially causing the application to malfunction or become unavailable.
Because the vulnerability allows arbitrary file access and deletion, it poses a high risk to the confidentiality, integrity, and availability of the affected system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if the affected software version is up to and including 1.9.1 and if the `AgentFlows` component improperly handles file paths allowing path traversal.
One approach is to verify if unauthorized access or deletion of `.json` files outside the intended directory occurs, especially files like `package.json` or configuration files containing API keys.
Since the vulnerability is related to path traversal in the `loadFlow` and `deleteFlow` methods, monitoring file system access logs for unusual access patterns or deletions of `.json` files outside the flows directory can help.
Specific commands are not provided in the available resources or context.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the mintplex-labs/anything-llm software to version 1.12.1 or later, where the vulnerability is fixed.
The fix involves enhanced path validation that restricts file operations to within the designated flows directory, preventing path traversal attacks.
If upgrading immediately is not possible, restrict access to the `AgentFlows` component and ensure only trusted admin users can perform flow-plugin operations.
Additionally, monitor and audit file system operations related to `.json` files to detect any unauthorized access or deletion attempts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows attackers to access or delete arbitrary JSON files on the server, potentially leading to information disclosure of sensitive configuration files containing API keys and denial of service by deleting critical files.
Such unauthorized access and potential data leakage could impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and ensuring system availability.
By exposing sensitive configuration data or causing denial of service, the vulnerability could lead to violations of data protection and security requirements mandated by these regulations.