PT-2025-50297 · Document Foundation and 1 more vendor · LibreOffice and 1 more product

Published: 2025-12-10 · Updated: 2025-12-15 · CVE-2025-67506

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: PipesHub versions prior to 0.1.0-beta
Description: PipesHub is a workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta have a missing authentication check on the POST /api/v1/record/buffer/convert endpoint. This endpoint accepts file uploads, which are then converted to PDF using LibreOffice. The application stores uploaded files under the filename taken from the request without proper sanitization, specifically without normalizing the filename. An attacker can exploit this by crafting a filename containing ‘../’ sequences to write arbitrary files to any location where the service account has write access, potentially leading to remote file overwrite or malicious code execution. The vulnerable call is os.path.join(tmpdir, file.filename), which places the uploaded payload at the client-controlled path.
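As an added illustration (not PipesHub's code, nor its actual fix), the join pattern named in the description sits beside a hardened replacement that keeps every upload inside the temp directory; the function names, the `/tmp/conv` directory and the sample filenames are assumptions for this example:

```python
import os
from pathlib import PurePosixPath


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename cannot be stored safely."""


def vulnerable_target_path(tmpdir: str, filename: str) -> str:
    # The pattern named in the advisory: the request filename is joined to the
    # temp directory as-is, so '../' segments in it walk out of tmpdir.
    return os.path.join(tmpdir, filename)


def escapes_directory(base: str, path: str) -> bool:
    """True if `path`, after normalization, lies outside `base`.

    Pure string check (no filesystem access). commonpath is used instead of
    startswith so that a sibling such as base + '2' does not pass as inside.
    """
    base_n = os.path.normpath(os.path.abspath(base))
    path_n = os.path.normpath(os.path.abspath(path))
    return os.path.commonpath([base_n, path_n]) != base_n


def safe_target_path(tmpdir: str, filename: str) -> str:
    """Return a path inside tmpdir for the upload, or raise UnsafeFilename.

    Hypothetical replacement for the vulnerable join; not PipesHub's fix.
    """
    # Keep only the last path segment. Backslashes are treated as separators
    # too, because a Windows client may send them and a POSIX host will not.
    basename = PurePosixPath(filename.replace("\\", "/")).name
    if basename in ("", ".", "..") or "\x00" in basename:
        raise UnsafeFilename(repr(filename))
    target = os.path.join(tmpdir, basename)
    # Defence in depth: fail closed if the joined path still leaves tmpdir.
    if escapes_directory(tmpdir, target):
        raise UnsafeFilename(repr(filename))
    return target
```

A detection-side use of `escapes_directory` is to run it over the filenames logged for this endpoint and alert on any that would have left the conversion directory.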
Recommendations: Update to PipesHub version 0.1.0-beta or later.

Exploit · Fix

Weakness Enumeration: Path traversal · Unrestricted File Upload

Related Identifiers: CVE-2025-67506 · GHSA-W398-9M55-2357

Affected Products: LibreOffice · PipesHub