CVE-2026-48789
BaseFortify

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, on Windows, the document folder listing route can accept an encoded absolute Windows path that resolves outside the intended documents directory. The shared path containment helper rejects POSIX-style "../" traversal but does not reject Windows-style parent paths returned by path.relative(), such as "..". This vulnerability is fixed in 1.13.0.
Meta Information
Generated: 2026-06-25
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor          Product        Version / Range
anythingllm     anythingllm    up to 1.13.0 (excluding)
mintplex_labs   anything_llm   up to 1.13.0 (excluding)
CWE-22: The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
AI Quick Actions
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

The vulnerability in AnythingLLM prior to version 1.13.0 on Windows involves the document folder listing route accepting an encoded absolute Windows path that can resolve outside the intended documents directory.

While the shared path containment helper rejects POSIX-style "../" traversal, it does not reject Windows-style parent paths such as ".." returned by path.relative(). This allows traversal outside the intended directory.

This means an attacker could potentially access files outside the designated documents folder by exploiting this path traversal issue.

Impact Analysis

This vulnerability can lead to unauthorized access to files outside the intended documents directory on a Windows system running vulnerable versions of AnythingLLM.

Such unauthorized access could expose sensitive or confidential information stored outside the documents folder, potentially leading to data leakage.

However, the CVSS score of 4.3 indicates a low to medium severity impact, with limited confidentiality impact and no integrity or availability impact.

Mitigation Strategies

To mitigate this vulnerability, upgrade AnythingLLM to version 1.13.0 or later, where the issue with Windows-style path traversal has been fixed.

Detection Guidance

This vulnerability can be detected by attempting to access JSON document metadata from folders outside the intended documents root directory on a Windows deployment of AnythingLLM prior to version 1.13.0.

Specifically, an authenticated user with an API key can try to provide an encoded absolute Windows path that uses Windows-style parent paths such as ".." to see if the system returns an HTTP 200 response with external file listings instead of the expected HTTP 404 error.

  • Use an HTTP client (e.g., curl or Postman) to send requests to the document folder listing route with encoded Windows absolute paths containing ".." segments.
  • Example curl command to test the vulnerability (replace <API_KEY> and <TARGET_URL> accordingly):

    curl -H "Authorization: Bearer <API_KEY>" "<TARGET_URL>/document-folder?path=%5C..%5Csome_sibling_folder"

If the response is HTTP 200 and returns metadata from outside the intended documents directory, the system is vulnerable.
