CVE-2026-47713: CWE-285: Improper Authorization in Mintplex-Labs anything-llm
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user -> multi-user migration even when the device record has userId = null. In multi-user mode, that stale token is still accepted by the mobile authentication middleware. Because no user is attached to the request, downstream mobile handlers fall back to unscoped data-access branches and return workspaces and workspace content without per-user filtering. This permits a pre-migration mobile token to enumerate a workspace assigned only to another user and retrieve victim-owned thread metadata and chat content in multi-user mode. This vulnerability is fixed in 1.13.0.
AI Analysis
Technical Summary
The vulnerability in Mintplex-Labs' AnythingLLM application occurs when a mobile device token created in single-user mode persists after migration to multi-user mode with a null userId. The authentication middleware accepts this stale token without associating it to a user, causing downstream handlers to bypass per-user access controls. This results in unauthorized enumeration and retrieval of workspace metadata and chat content assigned to other users. The issue is addressed in version 1.13.0.
Potential Impact
An attacker possessing a pre-migration mobile token can access workspace and chat content belonging to other users without proper authorization. The impact is limited to information disclosure of thread metadata and chat content. There is no indication of integrity or availability impact. The CVSS score is low (2.0), reflecting limited impact and higher attack complexity.
Mitigation Recommendations
Upgrade AnythingLLM to version 1.13.0 or later, where this improper authorization vulnerability is fixed. Patch status is not explicitly stated beyond this version fix, so users should verify with the vendor for any additional guidance. No other mitigations are indicated.
CVE-2026-47713: CWE-285: Improper Authorization in Mintplex-Labs anything-llm
Description
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user -> multi-user migration even when the device record has userId = null. In multi-user mode, that stale token is still accepted by the mobile authentication middleware. Because no user is attached to the request, downstream mobile handlers fall back to unscoped data-access branches and return workspaces and workspace content without per-user filtering. This permits a pre-migration mobile token to enumerate a workspace assigned only to another user and retrieve victim-owned thread metadata and chat content in multi-user mode. This vulnerability is fixed in 1.13.0.
CVSS v3.1
Score 2.0low
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in Mintplex-Labs' AnythingLLM application occurs when a mobile device token created in single-user mode persists after migration to multi-user mode with a null userId. The authentication middleware accepts this stale token without associating it to a user, causing downstream handlers to bypass per-user access controls. This results in unauthorized enumeration and retrieval of workspace metadata and chat content assigned to other users. The issue is addressed in version 1.13.0.
Potential Impact
An attacker possessing a pre-migration mobile token can access workspace and chat content belonging to other users without proper authorization. The impact is limited to information disclosure of thread metadata and chat content. There is no indication of integrity or availability impact. The CVSS score is low (2.0), reflecting limited impact and higher attack complexity.
Mitigation Recommendations
Upgrade AnythingLLM to version 1.13.0 or later, where this improper authorization vulnerability is fixed. Patch status is not explicitly stated beyond this version fix, so users should verify with the vendor for any additional guidance. No other mitigations are indicated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-19T21:29:25.482Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a18b4aee29bf47b5032f46d
Added to database: 5/28/2026, 9:33:34 PM
Last enriched: 5/28/2026, 9:48:59 PM
Last updated: 5/29/2026, 5:10:13 PM
Views: 15
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.