{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32719", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T14:33:42.825Z", "datePublished": "2026-03-13T21:25:31.682Z", "dateUpdated": "2026-03-16T16:44:38.247Z"}, "containers": {"cna": {"title": "AnythingLLM has a Zip Slip Path Traversal and Code Execution via Community Hub Plugin Import", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-rh66-4w74-cf4m", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-rh66-4w74-cf4m"}, {"name": "https://github.com/Mintplex-Labs/anything-llm/commit/6a492f038da195a5c9a239d5ca2e9f2151c25f8c", "tags": ["x_refsource_MISC"], "url": "https://github.com/Mintplex-Labs/anything-llm/commit/6a492f038da195a5c9a239d5ca2e9f2151c25f8c"}], "affected": [{"vendor": "Mintplex-Labs", "product": "anything-llm", "versions": [{"version": "<= 1.11.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-13T21:25:31.682Z"}, "descriptions": [{"lang": "en", "value": "AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The ImportedPlugin.importCommunityItemFromUrl() function in server/utils/agents/imported.js downloads a ZIP file from a community hub URL and extracts it using AdmZip.extractAllTo() without validating file paths within the archive. This enables a Zip Slip path traversal attack that can lead to arbitrary code execution."}], "source": {"advisory": "GHSA-rh66-4w74-cf4m", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T16:44:32.891677Z", "id": "CVE-2026-32719", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T16:44:38.247Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32719", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T16:44:32.891677Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T16:44:35.552Z"}}], "cna": {"title": "AnythingLLM has a Zip Slip Path Traversal and Code Execution via Community Hub Plugin Import", "source": {"advisory": "GHSA-rh66-4w74-cf4m", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Mintplex-Labs", "product": "anything-llm", "versions": [{"status": "affected", "version": "<= 1.11.1"}]}], "references": [{"url": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-rh66-4w74-cf4m", "name": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-rh66-4w74-cf4m", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/Mintplex-Labs/anything-llm/commit/6a492f038da195a5c9a239d5ca2e9f2151c25f8c", "name": "https://github.com/Mintplex-Labs/anything-llm/commit/6a492f038da195a5c9a239d5ca2e9f2151c25f8c", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The ImportedPlugin.importCommunityItemFromUrl() function in server/utils/agents/imported.js downloads a ZIP file from a community hub URL and extracts it using AdmZip.extractAllTo() without validating file paths within the archive. This enables a Zip Slip path traversal attack that can lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-13T21:25:31.682Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32719", "state": "PUBLISHED", "dateUpdated": "2026-03-16T16:44:38.247Z", "dateReserved": "2026-03-13T14:33:42.825Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-13T21:25:31.682Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:*", "matchCriteriaId": "384FD8C3-E046-493C-9996-8E3042229081", "versionEndIncluding": "1.11.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The ImportedPlugin.importCommunityItemFromUrl() function in server/utils/agents/imported.js downloads a ZIP file from a community hub URL and extracts it using AdmZip.extractAllTo() without validating file paths within the archive. This enables a Zip Slip path traversal attack that can lead to arbitrary code execution."}], "id": "CVE-2026-32719", "lastModified": "2026-03-16T20:29:53.200", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-16T14:19:42.837", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/Mintplex-Labs/anything-llm/commit/6a492f038da195a5c9a239d5ca2e9f2151c25f8c"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory", "Mitigation"], "url": "https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-rh66-4w74-cf4m"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-94"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.11.1]"}}], "enrichment": {"confidence": 98.0, "confidence_source": "matching", "scores": [{"score": 98.0, "source": "matching"}]}, "original": {"product": "anything-llm", "source": "cna", "vendor": "Mintplex-Labs"}, "product": "anything-llm", "vendor": "mintplexlabs"}], "analysis": {"en": {"generated_at": "2026-03-16T23:02:43.564413+00:00", "value": {"mitigation_remediation": ["Upgrade AnythingLLM to a version newer than 1.11.1 (ideally the latest release that includes the path validation change).", "If an upgrade is not immediately possible, temporarily disable the community hub plugin import feature or restrict which URLs can be used for importing.", "Verify that the server\u2019s file permissions and operating environment are configured to prevent arbitrary file writes."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary code execution via path traversal"}, "threat_synthesis": {"affected_systems": "Affecting the Mintplex\u2011Labs AnythingLLM application, specifically version 1.11.1 and earlier. Identified through the vendor product list Mintplex-Labs:anything-llm and the affected version field in the CVE entry. Newer releases are not impacted.", "description_and_impact": "The vulnerability resides in the ImportedPlugin.importCommunityItemFromUrl() function of the AnythingLLM server. It downloads a ZIP archive from a community hub URL and extracts it without validating internal paths. This allows an attacker to craft a malicious ZIP containing dot\u2011dot path components and arbitrary files, enabling a Zip Slip path traversal that ultimately leads to arbitrary code execution. The weakness corresponds to CWE\u201122 (Path Traversal) and CWE\u201194 (Code Injection).", "risk_and_exploitability": "The CVSS score of 4.2 indicates a moderate overall threat, and the EPSS score of less than 1% shows a low probability of exploitation in the wild. The vulnerability is not catalogued in CISA\u2019s KEV list. Exploitation requires access to the server\u2019s import feature; an attacker can supply a crafted URL to the community hub and trigger the extraction, resulting in file system overwrites and code execution. The attack vector is network\u2011based through the import API, but an attacker would need sufficient privileges to configure or instruct the server to import the malicious ZIP."}}}}, "created": "2026-03-16T09:22:35.153029+00:00", "updated": "2026-03-23T13:39:15.647972+00:00", "vendors": ["mintplexlabs", "mintplexlabs$PRODUCT$anything-llm"]}