CVE-2026-41318 | Mintplex-Labs anything-llm up to 1.12.0 /api/workspace/ cross site scripting (GHSA-4q6m-qh3w-9gf5)

Inserito da Angelo Barbosa | Apr 24, 2026 | CVE

A vulnerability labeled as problematic has been found in Mintplex-Labs anything-llm up to 1.12.0. This issue affects some unknown processing of the file /api/workspace/. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-41318. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-41318 | Mintplex-Labs anything-llm up to 1.12.0 /api/workspace/ cross site scripting (GHSA-4q6m-qh3w-9gf5)

Post correlati

CVE-2025-7790 | D-Link DI-8100 16.07.26A1 HTTP Request /menu_nat.asp out_addr/in_addr/out_port/proto stack-based overflow

CVE-2026-40569 | freescout-help-desk freescout up to 1.8.212 Mailbox Connection Settings Endpoint MailboxesController.php connectionIncomingSave access control (GHSA-hmqm-33wp-858j)

CVE-2024-13401 | Payment Button for PayPal Plugin up to 1.2.3.35 on WordPress cross site scripting

CVE-2022-30265 | Emerson PAC Machine Edition code download (icsa-24-158-01)