What is the CVSS score of CVE-2026-24477?

CVE-2026-24477 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of AI / ML are affected by CVE-2026-24477?

AnythingLLM versions up to 1.10.0 contain a high-severity vulnerability (CVSS 7.5) that enables attackers to compromise semantic search and retrieval functionality, potentially exposing sensitive…

Is there a public PoC exploit available for CVE-2026-24477?

Yes, a public proof-of-concept exploit is available for CVE-2026-24477. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-24477?

Within 24 hours: Audit all AnythingLLM deployments to identify affected versions (≤1.10.0) and document systems processing sensitive data. Within 7 days: Implement network segmentation to restrict AnythingLLM access, disable semantic search features if operationally feasible, and establish enhanced monitoring for suspicious queries. Within 30 days: Evaluate alternative solutions, plan upgrade path to patched version when available, and conduct security assessment of any potentially compromised data.

AI / ML CVE-2026-24477

HIGH

Insertion of Sensitive Information Into Sent Data (CWE-201)

2026-01-27 security-advisories@github.com

Information Disclosure AI / ML Anythingllm

7.5

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Jan 28, 2026 - 15:59 vuln.today

Public exploit code

CVE Published

Jan 27, 2026 - 00:15 nvd

HIGH 7.5

DescriptionGitHub Advisory

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticated users via the /api/setup-complete endpoint. Leakage of QdrantApiKey allows an unauthenticated attacker full read/write access to the Qdrant vector database instance used by AnythingLLM. Since Qdrant often stores the core knowledge base for RAG in AnythingLLM, this can lead to complete compromise of the semantic search / retrieval functionality and indirect leakage of confidential uploaded documents. Version 1.10.0 patches the issue.

AnalysisAI

Anythingllm versions up to 1.10.0 contains a vulnerability that allows attackers to complete compromise of the semantic search / retrieval functionality and indirec (CVSS 7.5).

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Access /api/setup-complete endpoint

Exploit

Retrieve exposed QdrantApiKey in plain text

Execution

Authenticate to Qdrant instance

Impact

Read/write vector database contents

Access

Access /api/setup-complete endpoint

Exploit

Retrieve exposed QdrantApiKey in plain text

Execution

Authenticate to Qdrant instance

Impact

Read/write vector database contents

Vulnerability AssessmentAI

Exploitation	AnythingLLM prior to version 1.10.0 configured with Qdrant vector database backend and API key. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 7.5 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker without authentication could exploit this vulnerability to complete compromise of the semantic search / retrieval functionality and indirec.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all AnythingLLM deployments to identify affected versions (≤1.10.0) and document systems processing sensitive data. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-24477 vulnerability details – vuln.today

Back

AI / ML CVE-2026-24477

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code