18 matches found
CVE-2026-7712
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack can be carried out remotely. The exploit has been disclosed publicly and may be used. The vend...
Deserialization of Untrusted Data
Overview: MindsDB is a MindsDB server that provides server capabilities to the mindsdb native Python library. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the pickle.loads function in the Pickle Handler component. An attacker can execute arbitrary code by...
MindsDB Input Validation Error Vulnerability
MindsDB is a joint query engine designed by MindsDB Corporation, specifically for AI agents and large language models. It can handle questions related to petabyte-scale enterprise data. MindsDB versions 26.01 and earlier contain an input validation error vulnerability. This vulnerability...
CVE-2026-7712
CVE-2026-7712 affects MindsDB up to version 26.01, with the vulnerability centered on the Pickle Handler's pickle.loads deserialization. The issue allows remote manipulation that leads to deserialization, and the exploit has been publicly disclosed and may be used. The vendor has not responded to...
CVE-2026-7712 MindsDB Pickle pickle.loads deserialization
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack can be carried out remotely. The exploit has been disclosed publicly and may be used. The vend...
CVE-2026-7712
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack can be carried out remotely. The exploit has been disclosed publicly and may be used. The vend...
CVE-2026-7712 MindsDB Pickle pickle.loads deserialization
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack can be carried out remotely. The exploit has been disclosed publicly and may be used. The vend...
EUVD-2026-26853
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack can be carried out remotely. The exploit has been disclosed publicly and may be used. The vend...
PT-2026-36729
Name of the Vulnerable Software and Affected Versions: MindsDB versions prior to 26.01. Description: A remote deserialization issue exists in the Pickle Handler component. The flaw occurs within the pickle.loads function, allowing an attacker to execute a manipulation that leads to insecure...
GHSA-RPFV-46XJ-5984 Upsonic has vulnerability in Pickle Handler component that can lead to deserialization
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
Upsonic has vulnerability in Pickle Handler component that can lead to deserialization
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
CVE-2025-6279
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
PYSEC-2025-68
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
PYSEC-2025-68
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
CVE-2025-6279 Upsonic Pickle add_tool cloudpickle.loads deserialization
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
CVE-2025-6279
CVE-2025-6279 affects Upsonic up to 0.55.6. The vulnerability resides in the Pickle Handler’s function cloudpickle.loads (file /tools/add_tool) and enables deserialization due to the underlying root cause described in the coordinated disclosure. Exploit information is publicly disclosed according...
CVE-2025-6279 Upsonic Pickle add_tool cloudpickle.loads deserialization
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/addtool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may ...
Upsonic Code Issue Vulnerability
Upsonic is an AI agent framework open-sourced by Upsonic. A code issue vulnerability exists in Upsonic 0.55.6 and earlier versions, which stems from deserialization in the function cloudpickle.loads of the file /tools/addtool in the component Pickle Handler...