MindsDB has improper sanitation of filepath that leads to information...

8.1 / 10

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Description

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PUT handler in file.py directly joins user-controlled data into a filesystem path when the request body is JSON and source_type is not "url". Only multipart uploads and URL-sourced uploads receive sanitization; JSON uploads lack any call to clear_filename or equivalent checks. This vulnerability is fixed in 25.11.1.

Basic Information

ID CVE-2025-68472

Source GitHub_M

Published Jan 12, 2026 at 16:53

Modified Jan 12, 2026 at 17:09

Affected Product

Vendor mindsdb

Product mindsdb

Version < 25.11.1

Affected Versions mindsdb mindsdb < 25.11.1

CWE Classification

CWE-22 CWE-23 CWE-36

References

github.com /mindsdb/mindsdb/security/advisories/GHSA-qqhf-pm3j-96g7

{
    "lastseen": "",
    "description": "MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB\u2019s storage, exposing sensitive data. The PUT handler in file.py directly joins user-controlled data into a filesystem path when the request body is JSON and source_type is not \"url\". Only multipart uploads and URL-sourced uploads receive sanitization; JSON uploads lack any call to clear_filename or equivalent checks. This vulnerability is fixed in 25.11.1.",
    "published": "2026-01-12T16:53:47.748Z",
    "modified": "2026-01-12T17:09:01.293Z",
    "type": "cve",
    "title": "MindsDB has improper sanitation of filepath that leads to information disclosure and DOS",
    "source": "GitHub_M",
    "references": "https://github.com/mindsdb/mindsdb/security/advisories/GHSA-qqhf-pm3j-96g7",
    "id": "CVE-2025-68472",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22",
        "CWE-23",
        "CWE-36"
    ],
    "cvelist": null,
    "sourceData": "mindsdb mindsdb < 25.11.1",
    "sourceHref": "",
    "cvss": {
        "score": 8.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "mindsdb",
    "version": "< 25.11.1",
    "vendor": "mindsdb",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

MindsDB has improper sanitation of filepath that leads to information disclosure and DOS_CVE-2025-68472