
CVE-2026-32628: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Mintplex-Labs anything-llm

Severity: High
Published: Fri Mar 13 2026 (03/13/2026, 20:50:15 UTC)
Source: CVE Database V5
Vendor/Project: Mintplex-Labs
Product: anything-llm

Description

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL commands on connected databases. The getTableSchemaSql() method in all three database connectors (MySQL, PostgreSQL, MSSQL) constructs SQL queries using direct string concatenation of the table_name parameter without sanitization or parameterization.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 03/20/2026, 23:28:40 UTC

Technical Analysis

CVE-2026-32628 is an SQL injection flaw in AnythingLLM, developed by Mintplex-Labs, affecting versions 1.11.1 and earlier. AnythingLLM converts content into contextual references that large language models (LLMs) can use during chat interactions. The flaw lies in the built-in SQL Agent plugin's getTableSchemaSql() method, which queries database schemas. The method builds its SQL query by concatenating the user-supplied table_name parameter directly into the command string, with no input sanitization and no parameterized query. The same insecure pattern is present in all three database connectors the application supports: MySQL, PostgreSQL, and Microsoft SQL Server (MSSQL). An attacker who can invoke the SQL Agent plugin with low privileges can therefore supply crafted input that executes arbitrary SQL commands on the backend databases, leading to unauthorized data access, modification, or deletion and severely affecting the confidentiality, integrity, and availability of the stored data.

The vulnerability carries a CVSS 4.0 base score of 7.7 (High), reflecting a network attack vector, partial attack complexity, partial privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. No exploitation in the wild has been reported, but the flaw's characteristics make it a critical concern for organizations that rely on AnythingLLM for LLM context generation. The absence of patch links suggests that a fix may not yet be publicly available, so immediate mitigation is warranted.

Potential Impact

The impact of CVE-2026-32628 is significant for organizations using AnythingLLM versions 1.11.1 and earlier. Successful exploitation allows attackers to execute arbitrary SQL commands on connected databases, potentially leading to unauthorized data disclosure, data corruption, or deletion. This compromises the confidentiality, integrity, and availability of sensitive information stored within the databases. Given that AnythingLLM integrates with multiple database types (MySQL, PostgreSQL, MSSQL), the vulnerability affects a broad range of backend systems. Organizations could face operational disruptions, data breaches, regulatory compliance violations, and reputational damage. The attack requires only low privileges and no user interaction, increasing the likelihood of exploitation if the attacker can invoke the SQL Agent plugin. The absence of known exploits in the wild currently provides a window for proactive defense, but the vulnerability’s nature suggests it could be weaponized quickly once exploit code is developed. Enterprises leveraging AnythingLLM in critical environments, especially those handling sensitive or regulated data, are at heightened risk.

Mitigation Recommendations

To mitigate CVE-2026-32628, organizations should take the following specific actions:
1) Immediately upgrade AnythingLLM to a patched version once Mintplex-Labs releases a fix addressing the SQL injection vulnerability.
2) Until a patch is available, restrict access to the SQL Agent plugin functionality to trusted and authenticated users only, minimizing the attack surface.
3) Implement network-level controls such as firewall rules or API gateways to limit exposure of the AnythingLLM service to untrusted networks.
4) Employ database-level permissions to ensure the application connects with the least privilege necessary, reducing potential damage from SQL injection.
5) Conduct code reviews and static analysis on custom integrations or plugins to detect unsafe SQL query constructions.
6) Monitor database logs and application logs for unusual or unexpected SQL queries indicative of exploitation attempts.
7) Consider deploying Web Application Firewalls (WAFs) with SQL injection detection rules tailored to the application's query patterns.
8) Educate developers and administrators about secure coding practices, emphasizing parameterized queries and input validation to prevent similar vulnerabilities in the future.
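The concatenation pattern the analysis describes, beside the identifier validation and parameterized lookup that step 8 recommends, as an added illustration in JavaScript (the language AnythingLLM is written in). This is not the project's code: the function names unsafeTableSchemaSql and safeTableSchemaSql, the dialect keys, and the placeholder styles are hypothetical, and the MSSQL branch assumes the lowercase information_schema view names resolve under a case-insensitive collation.

```javascript
// Added example, not AnythingLLM's code. Names and dialect keys are hypothetical.

// Identifier policy: letters, digits, underscore, no leading digit, at most
// 64 characters (MySQL's limit; PostgreSQL allows 63, MSSQL 128).
const IDENT = /^[A-Za-z_][A-Za-z0-9_]{0,63}$/;

// Bound-parameter placeholder syntax per driver; the query shape is identical.
const PLACEHOLDERS = {
  mysql: () => '?',
  postgres: (i) => `$${i}`,
  mssql: (i) => `@p${i}`,
};

// Vulnerable pattern (the 'before'): the caller-controlled name is pasted into
// the SQL text, so a quote in the name ends the literal and the rest is SQL.
function unsafeTableSchemaSql(tableName) {
  return `SELECT column_name, data_type FROM information_schema.columns` +
         ` WHERE table_name = '${tableName}'`;
}

// Hardened form: reject anything that is not a plain identifier (optionally
// schema-qualified), then pass the pieces as bound parameters, never as text.
function safeTableSchemaSql(dialect, tableName) {
  if (!Object.prototype.hasOwnProperty.call(PLACEHOLDERS, dialect)) {
    throw new Error(`unknown dialect: ${dialect}`);
  }
  if (typeof tableName !== 'string') throw new TypeError('table name must be a string');
  const parts = tableName.split('.');
  if (parts.length > 2 || !parts.every((p) => IDENT.test(p))) {
    throw new Error(`rejected table identifier: ${JSON.stringify(tableName)}`);
  }
  const [schema, table] = parts.length === 2 ? parts : [null, parts[0]];
  const ph = PLACEHOLDERS[dialect];
  const params = [table];
  let where = `table_name = ${ph(1)}`;
  if (schema) {            // scope the lookup when the caller qualified the name
    params.push(schema);
    where += ` AND table_schema = ${ph(2)}`;
  }
  return {
    text: `SELECT column_name, data_type FROM information_schema.columns` +
          ` WHERE ${where} ORDER BY ordinal_position`,
    params,                // handed to the driver; the name never touches the SQL text
  };
}
```

Running the hardened function against a name containing a quote throws before any query is built, whereas the unsafe function returns a statement whose literal has been broken open.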


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-03-12T15:29:36.558Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 69b47e482f860ef943b3ab6f

Added to database: 3/13/2026, 9:14:48 PM

Last enriched: 3/20/2026, 11:28:40 PM

Last updated: 4/28/2026, 3:09:51 AM

