5 matches found
CVE-2025-68472
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...
PYSEC-2026-90
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...
EUVD-2026-1922
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...
CVE-2025-68472 MindsDB has improper sanitation of filepath that leads to information disclosure and DOS
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...
PT-2026-2279
Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 25.11.1 Description MindsDB is a platform for building artificial intelligence from enterprise data. An unauthenticated path traversal exists in the file upload API for versions prior to 25.11.1, allowing any caller t...