Home / Vulnerability Intelligence / CVE-2026-32626

CVE-2026-32626 - Vulnerability Analysis

CriticalCVSS: 9.6

Last Updated: March 16, 2026

AnythingLLM Desktop - Stored XSS & Remote Code Execution

Published: March 16, 2026Updated: March 16, 2026PoC AvailableRemote Exploitable

Overview

AnythingLLM Desktop <= 1.11.1 contains a stored XSS caused by improper sanitization in the chat rendering pipeline, letting attackers execute remote code on the host OS via insecure Electron configuration, exploit requires normal chat usage.

Severity & Score

Severity: Critical

CVSS Score: 9.6

EPSS Score: 14.5%(Probability of exploitation in next 30 days)

Impact

Attackers can execute remote code on the host OS, leading to full system compromise without user interaction beyond normal chat usage.

Mitigation

Update to a version later than 1.11.1 or apply proper sanitization and secure Electron configuration.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 16, 2026

🔴 CVE-2026-32626 - Critical (9.6) AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, AnythingLLM Desktop contains a Streaming Phase XSS vulnerability in the chat rendering pipeline that... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32626/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-32626
Severity: Critical
CVSS Score: 9.6
Type: stored_xss
Status: confirmed
EPSS: 14.5%
Social Posts: 1

CWE

CWE-79

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Score

14.5%Probability of exploitation in the next 30 days