CVE-2026-32628

AnythingLLM has SQL Injection in Built-in SQL Agent Plugin via Unsanitized table_name Parameter

Assigner: GitHub_M
Reserved: 12.03.2026 Published: 13.03.2026 Updated: 13.03.2026

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL commands on connected databases. The getTableSchemaSql() method in all three database connectors (MySQL, PostgreSQL, MSSQL) constructs SQL queries using direct string concatenation of the table_name parameter without sanitization or parameterization.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 7.7

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	None
Attack Complexity	High	Integrity	High	Integrity	None
Attack Requirements	Present	Availability	High	Availability	None
Privileges Required	Low
User Interaction	None

CVSS 4.0

Product Status

Vendor	Mintplex-Labs
Product	anything-llm
Versions	Version <= 1.11.1 is affected

Vendor

Mintplex-Labs

Product

anything-llm

Versions

Version <= 1.11.1 is affected

References

Problem Types

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE

CVE-2026-32628 PUBLISHED

AnythingLLM has SQL Injection in Built-in SQL Agent Plugin via Unsanitized table_name Parameter

Metrics

Product Status

References

Problem Types