{"data":{"id":"97f4a9f2-11a9-4367-a28f-c5c45daf7d04","title":"CVE-2026-41318: AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatti","summary":"AnythingLLM, an application that lets LLMs reference external documents during conversations, has a security flaw in versions before 1.12.1 where chart captions aren't properly filtered for malicious code. An attacker can inject harmful instructions (prompt injection, where hidden commands are slipped into LLM inputs) through shared documents or chart records to execute XSS (cross-site scripting, code that runs in other users' browsers without permission) when those users view the conversation.","solution":"Update to version 1.12.1 or later, which contains a patch for this issue.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-41318","publishedAt":"2026-04-24T04:16:20.193Z","cveId":"CVE-2026-41318","cweIds":["CWE-79","CWE-116","CWE-1336"],"cvssScore":"5.4","cvssSeverity":"medium","severity":"medium","attackType":["prompt_injection","rag_poisoning"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LlamaIndex"],"affectedVendorsRaw":["AnythingLLM"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N","attackVector":"network","attackComplexity":"high","privilegesRequired":"low","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-24T04:16:20.193Z","capecIds":["CAPEC-198","CAPEC-86"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0020","AML.T0051","AML.T0051.001"]}}