4 matches found
MindsDB - Remote Code Execution
MindsDB 25.9.1.1 contains a remote code execution caused by path traversal in the /api/files upload file module, letting authenticated attackers write arbitrary files and execute commands, exploit requires authentication. id: CVE-2026-27483 info: name: MindsDB - Remote Code Execution author:...
CVE-2026-27483
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the...
CVE-2026-27483 MindsDB has Path Traversal in /api/files Leading to Remote Code Execution
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the...
PT-2026-21751
Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 25.9.1.1 Description MindsDB, a platform for building artificial intelligence from enterprise data, has a path traversal flaw in its /api/files interface. An authenticated attacker can exploit this to achieve remote...