A CVSS 9.1 critical vulnerability in AnythingLLM exposes the Qdrant vector database API key in plain text via an unauthenticated setup endpoint, enabling any attacker with network access to exfiltrate or poison the entire RAG knowledge base. CISA KEV confirms active exploitation. Organizations running AnythingLLM with a Qdrant backend prior to version 1.10.0 should block the /api/setup-complete endpoint immediately, upgrade to 1.10.0, and then rotate the Qdrant API key; the rotation is mandatory.
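A log triage to run alongside the mitigation above, as an added example that is not part of the original advisory: it scans reverse-proxy access logs for requests to /api/setup-complete and lists untrusted clients that received a 2xx response, which decides whether the key must be treated as already exposed. The combined log format, the trusted CIDR list, the function names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

SETUP_PATH = "/api/setup-complete"  # endpoint named in the advisory
# Assumption: nginx/Apache "combined" access-log format on the fronting proxy.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

SAMPLE_LOG = [  # constructed lines (documentation IP ranges), not real traffic
    '203.0.113.7 - - [12/Mar/2025:10:01:02 +0000] "GET /api/setup-complete HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [12/Mar/2025:10:01:09 +0000] "GET /api/setup-complete?x=1 HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.20 - - [12/Mar/2025:11:30:00 +0000] "GET /api/setup-complete HTTP/1.1" 403 153 "-" "-"',
    '10.1.2.3 - - [12/Mar/2025:09:00:00 +0000] "GET /api/setup-complete HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [12/Mar/2025:12:00:00 +0000] "GET /index.html HTTP/1.1" 200 90 "-" "-"',
]

def triage(lines, trusted_cidrs=("10.0.0.0/8",)):
    """Count setup-endpoint requests per client IP: 2xx as served, rest as blocked."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    hits = defaultdict(lambda: {"served": 0, "blocked": 0,
                                "first_seen": None, "trusted": False})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # Compare the path only: drop query string and trailing slash, ignore case.
        path = m["target"].split("?", 1)[0].rstrip("/").lower()
        if path != SETUP_PATH:
            continue
        try:
            addr = ipaddress.ip_address(m["ip"])
            is_trusted = any(addr in net for net in trusted)
        except ValueError:  # hostname or garbage in the client field
            is_trusted = False
        rec = hits[m["ip"]]
        rec["trusted"] = is_trusted
        rec["first_seen"] = rec["first_seen"] or m["ts"]
        rec["served" if m["status"].startswith("2") else "blocked"] += 1
    return dict(hits)

def exposure_sources(summary):
    """Untrusted clients that got a 2xx: treat the Qdrant key as exposed."""
    return sorted(ip for ip, r in summary.items()
                  if r["served"] and not r["trusted"])

if __name__ == "__main__":
    print(exposure_sources(triage(SAMPLE_LOG)))
```

A non-empty result means the rotation step cannot wait for the upgrade window; an empty result only covers the period the retained logs span.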