AnythingLLM is a self-hosted, full-stack AI application developed by Mintplex Labs that combines document chat, AI agents, and configurable model backends in a single interface.
AnythingLLM (v1.12.0) is one of the most popular open-source RAG platforms with over 58,000 GitHub stars. It supports multiple LLMs and vector stores, making it ideal for internal knowledge bases and private RAG deployments.
GitHub: Mintplex-Labs/anything-llm
- Initial public release of AnythingLLM
- Focus on document chat and RAG capabilities
- Built-in LanceDB vector database
- AI Agents with no-code builder
- Multi-user mode for Docker deployments
- MCP (Model Context Protocol) support
- Embeddable chat widgets
- Expanded LLM provider support (36+ providers)
- Mobile app launch (Google Play v1.10.0)
- PWA support added (v1.9.1)
- Latest Release: v1.12.0 (April 2, 2026) — file system agent, intelligent tool selection
- GitHub: 58.2k+ stars, 6.3k+ forks
- Security: 13 security advisories published (Jan 2024 - Mar 2026), fixes released in v1.10.0+ and v1.11.2
- Key 2026 Releases:
  - v1.12.0 (Apr 2): File system agent, intelligent tool selection, permission system for desktop
  - v1.11.2 (Mar 18): Critical security fix (CVE-2026-32626 - XSS to RCE), UI improvements, new prompt input, better citations UI, agent metrics, toggle agent skills
  - v1.11.1 (Mar 2): Homepage redesign, native tool calling for local LLMs, Lemonade by AMD integration
  - v1.11.0 (Feb 18): Desktop Overlay feature, SambaNova/PrivateModeAI integration, web push notifications
  - v1.10.0 (Jan 22): Desktop Assistant, meeting recording, mobile app launch, Cohere agent, Community Hub, security fixes for CVE-2026-24477/24478
AnythingLLM is built primarily in JavaScript (98.4%) and CSS (1.3%), with a focus on ease of deployment and use.
- Built-in RAG - Turn documents into context for any LLM
- AI Agents - Autonomous AI capabilities with no-code agent builder
- MCP Compatible - Full Model Context Protocol support
- Multi-user Mode - Role-based access control (Docker version)
- Multi-modal Support - Images, PDFs, and documents
- Embeddable Chat Widgets - Deploy chat on your website
- Document Ingestion - PDF, TXT, DOCX, MD, and more
- Agent Tools - Web browsing, code execution, API calls
- Chat Modes - Different interaction modes for various use cases
- API Access - Full developer API for integrations
- Desktop App - Native applications for macOS, Windows, and Linux
- Mobile App - Android app available on Google Play (v1.10.0)
- PWA Support - Progressive Web App for cross-platform use (v1.9.1)
- Desktop Overlay - Always-on-top overlay for quick access (v1.11.0)
- Desktop Assistant - System-level assistant with meeting recording (v1.10.0)
- Community Hub - Plugin marketplace for community extensions
AnythingLLM has disclosed 13 security advisories from January 2024 to March 2026. The most critical issues were addressed in v1.10.0.

| GHSA ID | CVE | Vulnerability | Severity | CVSS | Fixed | Published |
| --- | --- | --- | --- | --- | --- | --- |
| GHSA-rrmw-2j6x-4mf2 | CVE-2026-32626 | XSS to RCE via LLM Response Injection | Critical | 9.7 | v1.11.2 | Mar 13, 2026 |
| GHSA-jwjx-mw2p-5wc7 | - | SQL Injection in SQL Agent Plugin | High | - | - | Mar 13, 2026 |
| GHSA-24qj-pw4h-3jmm | CVE-2026-32617 | Permissive CORS policy | High | - | - | Mar 12, 2026 |
| GHSA-2qmm-82f7-8qj5 | - | IDOR Cross-User Chat Feedback | Moderate | - | - | Mar 13, 2026 |
| GHSA-rh66-4w74-cf4m | CVE-2026-32719 | Zip Slip Path Traversal | Moderate | - | - | Mar 13, 2026 |
| GHSA-p5rf-8p88-979c | CVE-2026-32628 | Cross-Workspace IDOR / SQL Injection in SQL Agent | Moderate | - | - | Mar 13, 2026 |
| GHSA-wfq3-65gm-3g2p | - | Manager Privilege Bypass | Low | - | - | Mar 13, 2026 |
| GHSA-7754-8jcc-2rg3 | CVE-2026-32717 | Suspended Users API Key Access | Low | - | - | Mar 13, 2026 |

| GHSA ID | CVE | Vulnerability | Severity | Fixed |
| --- | --- | --- | --- | --- |
| GHSA-gm94-qc2p-xcwf | CVE-2026-24477 | API key leak in systemSettings.js | High (8.7) | v1.10.0 |
| GHSA-jp2f-99h9-7vjv | CVE-2026-24478 | Path traversal in DrupalWiki | High (7.2) | v1.10.0 |
| GHSA-47vr-w3vm-69ch | CVE-2026-21484 | Username Enumeration | Moderate (5.3) | - |

| GHSA ID | Vulnerability | Severity | Published |
| --- | --- | --- | --- |
| GHSA-7hpg-6pc7-cx86 | Ollama token leak (GHSL-2025-056) | High | May 7, 2025 |
| GHSA-xmj6-g32r-fc5q | Unauthenticated DOS attack | High (7.5) | Jan 18, 2024 |

Recommendation: Always run the latest version (v1.12.0 or newer). Monitor GitHub Security Advisories for updates.
AnythingLLM is a mature platform for self-hosted AI applications with:
- 36+ LLM Providers - OpenAI, Anthropic, Ollama, LM Studio, LocalAI, and more
- Multiple Vector DBs - LanceDB (default), Chroma, Milvus, Pinecone, Qdrant, Weaviate
- Multi-user Support - Role-based access control in Docker version
- Desktop Apps - Native applications for macOS, Windows, Linux
- Mobile App - Android app on Google Play (v1.10.0)
- PWA Support - Progressive Web App (v1.9.1)
- Desktop Overlay - Always-on-top quick access (v1.11.0)
- Desktop Assistant - System-level assistant with meeting recording (v1.10.0)
- Community Hub - Plugin marketplace for extensions
- API Access - Full REST API for integrations
- Embeddable Widgets - Chat widgets for websites
AnythingLLM is released under the MIT License:
- Free to use, modify, and distribute
- Commercial use allowed
- No warranty provided