CVE-2025-67846

Name of the Vulnerable Software and Affected Versions Mintlify Platform versions prior to 2025-11-15

Description The Deployment Infrastructure in Mintlify Platform before 2025-11-15 allows attackers to bypass security patches and execute downgrade attacks. This is possible through predictable deployment identifiers on the Vercel preview domain. An attacker can identify the URL structure of a previous deployment containing unpatched vulnerabilities and force the application to load the vulnerable version by directly accessing the specific git-ref or deployment-id subdomain.

Recommendations Update Mintlify Platform to version 2025-11-15 or later.