PT-2026-2279 · Mindsdb · Mindsdb

Published: 2026-01-12 · Updated: 2026-01-27 · CVE-2025-68472

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: MindsDB versions prior to 25.11.1

Description: MindsDB is a platform for building artificial intelligence from enterprise data. An unauthenticated path traversal exists in the file upload API in versions prior to 25.11.1, allowing any caller to read arbitrary files from the server filesystem and move them into MindsDB's storage, potentially exposing sensitive data. The issue stems from improper sanitization of the file path during file uploads. Specifically, the PUT handler in the file.py component joins user-controlled data directly into a filesystem path when the request body is JSON and the source type is not "url". JSON uploads lack the filename sanitization checks that multipart and URL-sourced uploads perform. The affected endpoint is the file upload API; the vulnerable parameter is the file path, which is constructed from user-controlled data.

Recommendations: Update MindsDB to version 25.11.1 or later.
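As an added illustration of the flaw the description names (example code, not MindsDB's own), the Python below places the unchecked join beside a hardened replacement that accepts only a bare file name and confirms the built path still sits under an allowed directory. ALLOWED_ROOT, the function names and the JSON keys are assumptions made for the demonstration.

```python
import os
from pathlib import Path

# Constructed directory the server is allowed to read upload sources from
# (a demonstration value, not a MindsDB path).
ALLOWED_ROOT = Path("/srv/demo/upload_staging")


def unsafe_source_path(allowed_root: Path, user_path: str) -> str:
    """The pattern the advisory describes: request data is joined straight
    into a filesystem path. os.path.join discards the root when user_path
    is absolute, and '..' segments walk out of it."""
    return os.path.normpath(os.path.join(str(allowed_root), user_path))


def escapes_root(allowed_root: Path, user_path: str) -> bool:
    """True when the unsafe join lands outside allowed_root."""
    root = os.path.abspath(str(allowed_root))
    target = os.path.abspath(unsafe_source_path(allowed_root, user_path))
    return os.path.commonpath([root, target]) != root


def safe_source_path(allowed_root: Path, user_path: str) -> str:
    """Hardened form: accept only a bare file name, then re-check that the
    built path sits directly under allowed_root (defence in depth)."""
    if not user_path or "\x00" in user_path:
        raise ValueError("empty or malformed file name")
    if "/" in user_path or "\\" in user_path or user_path in (".", ".."):
        raise ValueError("file name must not contain path components")
    root = os.path.abspath(str(allowed_root))
    target = os.path.normpath(os.path.join(root, user_path))
    if os.path.dirname(target) != root:
        raise ValueError("path escapes the allowed root")
    return target


def handle_put_json(body: dict, allowed_root: Path = ALLOWED_ROOT) -> str:
    """Hypothetical JSON-body PUT handler (not MindsDB's code). It covers the
    branch the advisory names: a JSON request whose source type is not 'url'
    names a server-side file to be moved into storage. The name is validated
    before any path is constructed; 'url' sources are out of scope here."""
    if body.get("source_type") == "url":
        raise NotImplementedError("URL sources are handled by a separate path")
    return safe_source_path(allowed_root, str(body.get("file", "")))
```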

Tags: DoS · Path traversal

Weakness Enumeration: Relative Path Traversal

Related Identifiers

CVE-2025-68472
GHSA-QQHF-PM3J-96G7
PYSEC-2026-90

Affected Products

Mindsdb