MEDIUM
Mintplex-Labs
CVE published 2026-05-08
CVE-2026-42456
An insecure direct object reference (IDOR) vulnerability in AnythingLLM prior to version 1.12.1 allows authenticated users to access other users' private chat responses via the text-to-speech (TTS) endpoint. The GET /api/workspace/:slug/tts/:chatId route validates workspace membership but fails to verify ownership of the targeted chat row, enabling unauthorized audio retrieval of private assistant respons [truncated]
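The ownership gap described above, modelled as an added example in JavaScript (AnythingLLM is a Node.js project); this is not AnythingLLM's own code, and the in-memory tables, the `isWorkspaceMember` helper and the two `fetchChatForTts*` functions are constructed for illustration. The vulnerable variant resolves the chat row by id and workspace only, so any workspace member can read another member's response; the fixed variant also pins the row to the requesting user. The `probe` helper sweeps a small id range the way a tester would against a test instance to confirm the fix.

```javascript
// Added example, not AnythingLLM's code. Models the IDOR in the advisory:
// the vulnerable lookup scopes the chat by workspace membership only; the
// fixed lookup additionally requires the chat row to belong to the caller.

// Constructed sample data (assumed schema, not the project's own).
const WORKSPACES = [{ id: 1, slug: "team" }];
const WORKSPACE_USERS = [
  { workspaceId: 1, userId: 10 },
  { workspaceId: 1, userId: 11 },
];
const CHATS = [
  { id: 100, workspaceId: 1, userId: 10, response: "private answer for user 10" },
  { id: 101, workspaceId: 1, userId: 11, response: "private answer for user 11" },
];

function isWorkspaceMember(workspaceId, userId) {
  return WORKSPACE_USERS.some(m => m.workspaceId === workspaceId && m.userId === userId);
}

// Vulnerable: membership is checked, but the row is fetched by id + workspace
// only, so a member can request any chatId that exists in the workspace.
function fetchChatForTtsVulnerable(slug, chatId, requestingUserId) {
  const ws = WORKSPACES.find(w => w.slug === slug);
  if (!ws || !isWorkspaceMember(ws.id, requestingUserId)) return { status: 403 };
  const chat = CHATS.find(c => c.id === chatId && c.workspaceId === ws.id);
  if (!chat) return { status: 404 };
  return { status: 200, text: chat.response };
}

// Fixed: same membership check, but the lookup is also scoped to the caller,
// so a foreign chatId simply does not resolve. Returning 404 rather than 403
// avoids confirming that the id exists.
function fetchChatForTtsFixed(slug, chatId, requestingUserId) {
  const ws = WORKSPACES.find(w => w.slug === slug);
  if (!ws || !isWorkspaceMember(ws.id, requestingUserId)) return { status: 403 };
  const chat = CHATS.find(
    c => c.id === chatId && c.workspaceId === ws.id && c.userId === requestingUserId
  );
  if (!chat) return { status: 404 };
  return { status: 200, text: chat.response };
}

// Probe: request each id in a range as the given user and return the ids
// that come back with a 200, i.e. the rows the endpoint discloses.
function probe(fetcher, asUserId, ids) {
  return ids.filter(id => fetcher("team", id, asUserId).status === 200);
}

console.log(probe(fetchChatForTtsVulnerable, 11, [100, 101])); // [100, 101]
console.log(probe(fetchChatForTtsFixed, 11, [100, 101]));      // [101]
```

The sweep is the practical check: as a non-owner member, enumerate a few chat ids through the TTS route and confirm that only your own rows return audio. A scoped query (chat id plus workspace plus user) is the fix; a membership check alone only proves the caller belongs to the workspace, not to the row.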