Mintplexlabs Anythingllm Desktop — known CVE vulnerabilities
Every CVE whose affected-product data names Mintplexlabs Anythingllm Desktop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-8196 — CVSS 9.8 (critical): In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server port 3001 on 0.0.0.0 with no authentication…
CVE-2024-3166 — CVSS 9.6 (critical): A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and…