CVE-2026-47713
Authentication Bypass in AnythingLLM via Stale Mobile Tokens
Publication date: 2026-05-28
Last updated on: 2026-05-29
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anythingllm | anythingllm | to 1.13.0 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in AnythingLLM versions prior to 1.13.0 where a mobile device token created in single-user mode can persist after migrating to multi-user mode, even if the device record has no associated user ID.
In multi-user mode, this stale token is still accepted by the mobile authentication middleware. Since no user is attached to the request, the system falls back to unscoped data access, allowing the token holder to access workspaces and content without proper per-user filtering.
This means an attacker with such a token can enumerate and retrieve workspace data, thread metadata, and chat content belonging to other users, violating data isolation between users.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows unauthorized access to workspace content and thread metadata belonging to other users due to improper token validation and lack of per-user filtering in multi-user mode.
Such unauthorized data exposure could potentially lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict access controls and protection of personal and sensitive information.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized access to workspace content and chat data belonging to other users.
An attacker with a stale token can view sensitive information without proper authorization, potentially leading to data leakage and privacy breaches.
Because the token bypasses normal user-scoped access controls, it undermines the security model of the application and exposes user data to unintended parties.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in AnythingLLM version 1.13.0. Immediate mitigation involves upgrading the application to version 1.13.0 or later to ensure that stale mobile device tokens created in single-user mode do not persist and allow unauthorized access in multi-user mode.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying mobile device tokens that have a null userId in a multi-user mode environment, as these tokens can bypass user-scoping and access unauthorized workspace content.
One approach is to query the database table that stores mobile device tokens (e.g., the desktop_mobile_devices table) to find records where the userId field is null.
Example SQL query to detect such tokens:

```sql
SELECT * FROM desktop_mobile_devices WHERE userId IS NULL;
```
Additionally, monitoring authentication logs for requests authenticated with tokens that do not have an associated user or that access data without proper user scoping may help detect exploitation attempts.
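To make the explanation and the detection answer above concrete, here is an added illustration (not AnythingLLM's own code; the function names, row fields and sample rows are assumptions). It applies the null-userId query to constructed desktop_mobile_devices rows, shows a device-token check in the vulnerable shape the advisory describes beside a hardened one that refuses user-less tokens in multi-user mode, and shows how a null user turns into unscoped workspace access.

```javascript
// Added illustration, not AnythingLLM's code; field and function names are assumptions.
// Constructed rows standing in for the desktop_mobile_devices table. Row 1 is a token
// issued in single-user mode, so it was never bound to a user (userId is null).
const DEVICES = [
  { id: 1, token: "tok-from-single-user-era", userId: null, approved: true },
  { id: 2, token: "tok-alice", userId: 7, approved: true },
  { id: 3, token: "tok-unapproved", userId: 9, approved: false },
];

// Detection: the in-code equivalent of
//   SELECT * FROM desktop_mobile_devices WHERE userId IS NULL;
function findStaleDeviceTokens(rows) {
  return rows.filter((r) => r.userId === null || r.userId === undefined);
}

// Vulnerable shape described by the advisory: the token is looked up and accepted,
// and the multi-user flag is never consulted, so a user-less device authenticates.
function authorizeDeviceVulnerable(token, rows, multiUserMode) {
  const device = rows.find((r) => r.token === token && r.approved);
  if (!device) return { ok: false, reason: "unknown or unapproved token" };
  return { ok: true, user: device.userId ?? null }; // null user => unscoped access
}

// Hardened shape: in multi-user mode a device token must be bound to a user,
// otherwise the request is rejected instead of proceeding without scope.
function authorizeDeviceHardened(token, rows, multiUserMode) {
  const device = rows.find((r) => r.token === token && r.approved);
  if (!device) return { ok: false, reason: "unknown or unapproved token" };
  if (multiUserMode && (device.userId === null || device.userId === undefined)) {
    return { ok: false, reason: "device token has no user in multi-user mode" };
  }
  return { ok: true, user: device.userId ?? null };
}

// Workspace listing filtered by the authenticated user. With a null user the
// per-user filter is skipped, which is the unscoped fallback the advisory describes.
function listWorkspaces(auth, workspaces) {
  if (!auth.ok) return [];
  if (auth.user === null) return workspaces;
  return workspaces.filter((w) => w.ownerId === auth.user);
}

// Constructed workspaces owned by two different users.
const WORKSPACES = [{ id: 10, ownerId: 7 }, { id: 11, ownerId: 9 }];
```

In single-user mode the hardened check still accepts a user-less token, since no users exist there; the rejection applies only once multi-user mode is on.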