Cyber Resilience

CVE-2024-4286

Medium · RCE

Published: 26 May 2024
Modified: 15 April 2026
KEV Added: none (not in the CISA KEV catalog)
CVSS v3 score: 4.9 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N)
EPSS score: 0.0010 (27.8th percentile)
Risk Priority: 10 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-4286 is a medium-severity Expression Language Injection (CWE-917) vulnerability. Its CVSS base score is 4.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data Destruction (T1485); ranked at the 27.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the LLM/Generative AI Risks risk domain; MITRE ATLAS techniques in scope: External Harms (AML.T0048), LLM Prompt Injection (AML.T0051).

Vulnerability details

Mintplex-Labs' anything-llm application is vulnerable to improper neutralization of special elements used in an expression language statement, identified in the commit id `57984fa85c31988b2eff429adfc654c46e0c342a`. The vulnerability arises from the application's handling of user modifications by managers or admins, allowing for the modification of all existing attributes of the `user` database entity without proper checks or sanitization. This flaw can be exploited to delete user threads, denying users access to their previously submitted data, or to inject fake threads and/or chat history for social engineering attacks.
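The defect described above is a missing allowlist on the user-edit path: whatever attributes arrive in the request are written to the `user` record. The following JavaScript is an added illustration, not anything-llm's own code; the role names, field names and the in-memory store are constructed for the example. It places the unchecked pattern beside a fail-closed variant that applies only attributes the acting role is permitted to edit.

```javascript
// Added example, not anything-llm's code. Roles and fields are constructed.

// Constructed in-memory stand-in for the `user` table.
function makeUserStore() {
  return new Map([
    [1, { id: 1, username: "alice", role: "default", suspended: 0, passwordHash: "h1" }],
  ]);
}

// Unchecked pattern matching the advisory: every attribute in the request
// body is copied onto the user record, so any column can be overwritten.
function updateUserUnsafe(store, userId, body) {
  const user = store.get(userId);
  if (!user) throw new Error(`no user with id ${userId}`);
  Object.assign(user, body);
  return user;
}

// Per-role allowlist of attributes that this endpoint may change.
const EDITABLE_BY_ROLE = {
  admin: new Set(["username", "role", "suspended"]),
  manager: new Set(["username", "suspended"]),
};

// Hardened variant: the whole request is refused if it names any attribute
// outside the actor's allowlist, and the rejected keys are returned so the
// caller can log the attempt. Nothing is written on a refused request.
function updateUserSafe(store, actorRole, userId, body) {
  const allowed = EDITABLE_BY_ROLE[actorRole];
  if (!allowed) throw new Error(`role '${actorRole}' may not edit users`);
  const user = store.get(userId);
  if (!user) throw new Error(`no user with id ${userId}`);
  const rejected = Object.keys(body).filter((key) => !allowed.has(key));
  if (rejected.length > 0) {
    return { ok: false, rejected, user };
  }
  for (const key of Object.keys(body)) user[key] = body[key];
  return { ok: true, rejected: [], user };
}

module.exports = { makeUserStore, updateUserUnsafe, updateUserSafe, EDITABLE_BY_ROLE };
```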

CWE(s)

CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

AI Security Analysis

AI Category: Enterprise AI Assistants
Risk Domain: LLM/Generative AI Risks
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: The vulnerability affects Mintplex-Labs' anything-llm, an open-source application for private LLM interactions, chat threads, and history management, fitting the Enterprise AI Assistants category as it provides an end-to-end platform for LLM-based assistants.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1485 Data Destruction (Impact): Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.
T1565.001 Stored Data Manipulation (Impact): Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.

Why these techniques?

The vulnerability enables deletion of user threads, which is data destruction (T1485), and injection of fake threads or chat history, which is stored data manipulation (T1565.001, formerly T1492).

MITRE ATLAS Techniques

AML.T0048: External Harms
AML.T0051: LLM Prompt Injection

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
