CVE-2026-32626

PUBLISHED
Published: 13 Mar 2026, 20:14
Last modified:13 Mar 2026, 20:14

Vulnerability Summary

Overall Risk (default)
high
70/100
CVSS Score
9.7 CRITICAL
v3.1 (cve.org)
EPSS Score
0.15% LOW
0% probability
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

13 Mar 2026, 20:14
Published
Vulnerability first disclosed

Description

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, AnythingLLM Desktop contains a Streaming Phase XSS vulnerability in the chat rendering pipeline that escalates to Remote Code Execution on the host OS due to insecure Electron configuration. This works with default settings and requires no user interaction beyond normal chat usage. The custom markdown-it image renderer in frontend/src/utils/chat/markdown.js interpolates token.content directly into the alt attribute without HTML entity escaping. The PromptReply component renders this output via dangerouslySetInnerHTML without DOMPurify sanitization — unlike HistoricalMessage which correctly applies DOMPurify.sanitize().

CVSS Metrics

  • v3.1CRITICALScore: 9.7CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.15% Percentile: 36%

Techniques & Countermeasures

  • CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

    The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Affected Systems

  • mintplex-labsanything-llm

    ≤ 1.11.1

References (2)