CVE-2026-5627
Received Received - Intake
Path Traversal in mintplex-labs/anything-llm AgentFlows Risks Data Loss

Publication date: 2026-04-07

Last updated on: 2026-04-24

Assigner: huntr.dev

Description
A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the `AgentFlows` component. The vulnerability arises from improper handling of user input in the `loadFlow` and `deleteFlow` methods in `server/utils/agentFlows/index.js`. Specifically, the combination of `path.join` and `normalizePath` allows attackers to bypass directory restrictions and access or delete arbitrary `.json` files on the server. This can lead to information disclosure, such as leaking sensitive configuration files containing API keys, or denial of service by deleting critical files like `package.json`. The issue is resolved in version 1.12.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-04-24
Generated
2026-06-16
AI Q&A
2026-04-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-5627
EUVD
EUVD-2026-19637
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mintplexlabs anythingllm to 1.9.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-29 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-5627 is a path traversal vulnerability in the mintplex-labs/anything-llm software, specifically in versions up to and including 1.9.1 within the AgentFlows component. The issue arises from improper handling of user input in the loadFlow and deleteFlow methods, where the combination of path.join and normalizePath allows attackers to bypass directory restrictions.

This vulnerability enables attackers to access or delete arbitrary .json files on the server, which should normally be restricted. This can lead to unauthorized information disclosure or denial of service.

Impact Analysis

The vulnerability can have serious impacts including information disclosure and denial of service. Attackers can exploit it to leak sensitive configuration files that may contain API keys or other confidential data.

Additionally, attackers can delete critical files such as package.json, potentially causing the application to malfunction or become unavailable.

Because the vulnerability allows arbitrary file access and deletion, it poses a high risk to the confidentiality, integrity, and availability of the affected system.

Detection Guidance

Detection of this vulnerability involves checking if the affected software version is up to and including 1.9.1 and if the `AgentFlows` component improperly handles file paths allowing path traversal.

One approach is to verify if unauthorized access or deletion of `.json` files outside the intended directory occurs, especially files like `package.json` or configuration files containing API keys.

Since the vulnerability is related to path traversal in the `loadFlow` and `deleteFlow` methods, monitoring file system access logs for unusual access patterns or deletions of `.json` files outside the flows directory can help.

Specific commands are not provided in the available resources or context.

Mitigation Strategies

The immediate mitigation step is to upgrade the mintplex-labs/anything-llm software to version 1.12.1 or later, where the vulnerability is fixed.

The fix involves enhanced path validation that restricts file operations to within the designated flows directory, preventing path traversal attacks.

If upgrading immediately is not possible, restrict access to the `AgentFlows` component and ensure only trusted admin users can perform flow-plugin operations.

Additionally, monitor and audit file system operations related to `.json` files to detect any unauthorized access or deletion attempts.

Compliance Impact

This vulnerability allows attackers to access or delete arbitrary JSON files on the server, potentially leading to information disclosure of sensitive configuration files containing API keys and denial of service by deleting critical files.

Such unauthorized access and potential data leakage could impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and ensuring system availability.

By exposing sensitive configuration data or causing denial of service, the vulnerability could lead to violations of data protection and security requirements mandated by these regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5627. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart