Lucene search
K

4 matches found

Nuclei
Nuclei
added yesterday13 views

MindsDB - Remote Code Execution

MindsDB 25.9.1.1 contains a remote code execution caused by path traversal in the /api/files upload file module, letting authenticated attackers write arbitrary files and execute commands, exploit requires authentication. id: CVE-2026-27483 info: name: MindsDB - Remote Code Execution author:...

8.8CVSS6.7AI score0.11113EPSS
Exploits4References4
NVD
NVD
added 2026/02/24 3:21 p.m.13 views

CVE-2026-27483

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the...

8.8CVSS0.11113EPSS
Exploits4References3
Cvelist
Cvelist
added 2026/02/24 2:0 p.m.21 views

CVE-2026-27483 MindsDB has Path Traversal in /api/files Leading to Remote Code Execution

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the...

8.8CVSS0.11113EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.7 views

PT-2026-21751

Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 25.9.1.1 Description MindsDB, a platform for building artificial intelligence from enterprise data, has a path traversal flaw in its /api/files interface. An authenticated attacker can exploit this to achieve remote...

8.8CVSS6.3AI score0.11113EPSS
Exploits4References17
Rows per page
Query Builder