Unknown · Anything-Llm · CVE-2025-63390
**Name of the Vulnerable Software and Affected Versions**
AnythingLLM version 1.8.5
**Description**
An authentication bypass allows unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. The issue is due to missing authentication checks in the `/api/workspaces` endpoint. Exposed data includes workspace identifiers (`id`, `name`, `slug`), AI model configurations (`chatProvider`, `chatModel`, `agentProvider`), system prompts (`openAiPrompt`), operational parameters (`temperature`, `history length`, `similarity thresholds`), vector search settings, chat modes, and timestamps.
**Recommendations**
Apply authentication checks to the `/api/workspaces` endpoint to prevent unauthorized access to workspace configuration details.
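
A minimal sketch of the recommendation above, added here as an illustration and not taken from AnythingLLM's code: a deny-by-default wrapper that rejects requests to a workspace-listing handler unless they carry a valid bearer token. The function names, the bearer-token scheme and the sample workspace record are assumptions; only the field names come from the description.

```javascript
// Added example; not AnythingLLM source. Function names and the bearer-token
// scheme are hypothetical. The sample record is constructed from the
// advisory's field names.
const WORKSPACES = [
  { id: 1, name: "Support", slug: "support", chatProvider: "example-provider",
    chatModel: "example-model", openAiPrompt: "Constructed system prompt" },
];

// Compare two strings without exiting early on the first differing byte.
// (Node's crypto.timingSafeEqual is the usual choice when crypto is imported.)
function constantTimeEqual(a, b) {
  const x = Buffer.from(String(a));
  const y = Buffer.from(String(b));
  let diff = x.length ^ y.length;
  for (let i = 0; i < x.length; i++) diff |= x[i] ^ (y[i % (y.length || 1)] ?? 0);
  return diff === 0;
}

// Wrap a handler so it runs only for requests with a valid bearer token.
// Fails closed: a missing server-side token rejects every request.
function requireAuth(expectedToken, handler) {
  return (req) => {
    const header = (req.headers && req.headers.authorization) || "";
    const match = /^Bearer (\S+)$/.exec(header);
    if (!expectedToken || !match || !constantTimeEqual(match[1], expectedToken)) {
      return { status: 401, body: { error: "Unauthorized" } };
    }
    return handler(req);
  };
}

// Before: the listing handler answers any caller, as the advisory describes.
function listWorkspacesUnprotected(_req) {
  return { status: 200, body: { workspaces: WORKSPACES } };
}

// After: the same handler mounted behind the authentication check.
function makeListWorkspaces(expectedToken) {
  return requireAuth(expectedToken, listWorkspacesUnprotected);
}
```

The rejected response carries only an error message, so an unauthenticated caller learns nothing about workspace names, models or prompts.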