Lucene search
K

5 matches found

NVD
NVD
added 2026/01/12 5:15 p.m.4 views

CVE-2025-68472

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...

9.1CVSS0.19213EPSS
Exploits2References2
PyPA
PyPA
added 2026/01/12 5:15 p.m.10 views

PYSEC-2026-90

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...

9.1CVSS5.9AI score0.19213EPSS
Exploits2References2Affected Software1
EUVD
EUVD
added 2026/01/12 4:53 p.m.6 views

EUVD-2026-1922

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...

8.1CVSS6.5AI score0.19213EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/01/12 4:53 p.m.24 views

CVE-2025-68472 MindsDB has improper sanitation of filepath that leads to information disclosure and DOS

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...

8.1CVSS0.19213EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.6 views

PT-2026-2279

Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 25.11.1 Description MindsDB is a platform for building artificial intelligence from enterprise data. An unauthenticated path traversal exists in the file upload API for versions prior to 25.11.1, allowing any caller t...

9.1CVSS6.6AI score0.19213EPSS
Exploits2References14
Rows per page
Query Builder