A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clear filename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.