
CVE-2026-24477 Scanner - Information Disclosure vulnerability in AnythingLLM

Short Info

Level: High
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 23 days 10 hours
Scan only one: URL

AnythingLLM is a versatile application that enhances the use of large language models (LLMs) by turning content into context, providing valuable references during interactions. This software is widely employed in organizations to streamline communication and enhance information retrieval through semantic search technologies. AnythingLLM is utilized mainly in environments where a robust understanding and indexing of content is critical for knowledge management, such as in research institutions and enterprises. It integrates with Qdrant as a vector database to manage its core knowledge base, critical for its retrieval-augmented generation (RAG) capabilities. Organizations seeking to harness the power of LLMs for various applications often rely on AnythingLLM to efficiently structure and query their vast datasets. The application's wide array of integrations allows for seamless operation across different platforms, enhancing productivity and collaborative efforts.

The Information Disclosure vulnerability in AnythingLLM enables unauthorized access to sensitive information. Specifically, the QdrantApiKey is exposed via the `/api/setup-complete` endpoint. Such vulnerabilities allow attackers to compromise the application's security by using the exposed key for malicious purposes. Information Disclosure vulnerabilities typically undermine data confidentiality, posing significant risks of unauthorized data access and manipulation. In the context of AnythingLLM, this vulnerability could give attackers full read/write access to the Qdrant vector database. This exposure directly affects the semantic search functionality and can lead to the unintended disclosure of sensitive documents.

The vulnerability arises from inadequate protection of API keys in AnythingLLM versions prior to 1.10.0 when Qdrant is used as the vector database. The `/api/setup-complete` endpoint is the point where the key is exposed. An attacker who reaches this endpoint can retrieve the QdrantApiKey and, once in possession of it, can read, manipulate and extract data from the database, gaining unauthorized control over the stored content. The severity of this vulnerability lies in its exposure of a core application component to unauthorized users, undermining the application's integrity and confidentiality mechanisms.

If exploited, this vulnerability could have several severe effects. Unauthenticated attackers can read from and write to the Qdrant database, compromising the semantic search functionality in AnythingLLM. Unrestricted database access may result in the leakage of confidential documents stored within the database. Business data integrity can be compromised, and unauthorized data manipulation can occur, undermining the organization's trust in its data. The vulnerability could also lead to a full compromise of the knowledge base, affecting overall operational efficiency and undermining strategic decisions backed by semantic search outputs. Consequently, such security gaps could expose organizations to reputational damage and legal ramifications arising from data breaches.
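As an added illustration (this is not AnythingLLM's own code and not the fix shipped in 1.10.0; the handler shape, the field names and the sample settings are assumptions constructed for this example), the response-shaping pattern that produces this kind of leak is shown beside an allow-listed version, together with a self-check a defender can run offline over a captured response body from their own instance:

```javascript
// Added example, not AnythingLLM project code. Assumption: a setup-status
// handler that serialises a whole settings object (including QdrantApiKey)
// into the JSON response. All values below are constructed sample data.

const SAMPLE_SETTINGS = {
  VectorDB: "qdrant",
  QdrantEndpoint: "http://qdrant.internal:6333",
  QdrantApiKey: "constructed-sample-key-not-real",
  OpenAiKey: "constructed-sample-openai-key",
  LLMProvider: "openai",
  EmbeddingEngine: "native",
};

// Vulnerable pattern (hypothetical): the handler returns the settings object
// as-is, so every stored credential is sent to the caller.
function setupCompleteVulnerable(settings) {
  return { results: { ...settings } };
}

// Hardened pattern: an explicit allow-list of non-secret fields. Anything not
// listed is dropped, so a newly added credential field cannot leak by default.
const PUBLIC_SETUP_FIELDS = new Set(["VectorDB", "LLMProvider", "EmbeddingEngine"]);

function setupCompleteHardened(settings) {
  const results = {};
  for (const [key, value] of Object.entries(settings)) {
    if (PUBLIC_SETUP_FIELDS.has(key)) results[key] = value;
  }
  return { results };
}

// Defender's self-check: walk a parsed response body and report the key paths
// whose names suggest a credential and whose value is a non-empty string.
// Values are never returned, so the result can be logged safely.
// (No "g" flag: a global regex would keep state between test() calls.)
const SECRET_NAME_PATTERN = /(key$|secret|password|token)/i;

function findExposedSecrets(body, path = "") {
  const hits = [];
  if (body && typeof body === "object") {
    for (const [key, value] of Object.entries(body)) {
      const here = path ? `${path}.${key}` : key;
      if (SECRET_NAME_PATTERN.test(key) && typeof value === "string" && value.length > 0) {
        hits.push(here);
      }
      hits.push(...findExposedSecrets(value, here));
    }
  }
  return hits;
}

// Same check applied to a raw JSON string, e.g. a response body saved from
// your own instance.
function auditResponseText(jsonText) {
  return findExposedSecrets(JSON.parse(jsonText));
}

// Demonstration on the constructed settings.
console.log("vulnerable:", findExposedSecrets(setupCompleteVulnerable(SAMPLE_SETTINGS)));
console.log("hardened:", findExposedSecrets(setupCompleteHardened(SAMPLE_SETTINGS)));
```

Dropping the field from the response stops further disclosure but does not revoke a key that has already been fetched; an exposed Qdrant key needs rotating in addition to the upgrade to 1.10.0 noted above.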
