CNNVD-202512-3441 Information

CNNVD ID

CNNVD-202512-3441

Related CVE

CVE-2025-63390

• CNNVD Published: 2025-12-18

Description (Chinese)

AnythingLLM是Mintplex开源的一个一体化AI应用程序。 AnythingLLM 1.8.5版本存在安全漏洞，该漏洞源于认证绕过，可能导致未授权访问工作区信息。

Description (English)

Anything LLM is an integrated AI application from Mintplex open source. AnythingLM version 1.8.5 contains a security loophole, which originates from certification circumvention, which may lead to unauthorized access to information in the workspace.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Mintplex

Published

2025-12-18

Last Modified

2026-02-24

References

https://gist.github.com/Cristliu/ba529c99abec87102e5ef36435d02a6d https://github.com/Mintplex-Labs/anything-llm/issues https://access.redhat.com/security/cve/cve-2025-63390

Patch

https://github.com/Mintplex-Labs/anything-llm/releases