CVE-2026-27483

8.8 HIGH
Published: February 24, 2026 Modified: February 26, 2026
View on NVD

Description

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the "Upload File" module, which corresponds to the API endpoint /api/files. Since the multipart file upload does not perform security checks on the uploaded file path, an attacker can perform path traversal by using `../` sequences in the filename field. The file write operation occurs before calling clear_filename and save_file, meaning there is no filtering of filenames or file types, allowing arbitrary content to be written to any path on the server. Version 25.9.1.1 patches the issue.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/mindsdb/mindsdb/commit/87a44bdb2b97f963e18f10a068e1a1e2690505ef
Source: security-advisories@github.com
Patch
https://github.com/mindsdb/mindsdb/releases/tag/v25.9.1.1
Source: security-advisories@github.com
Product Release Notes
https://github.com/mindsdb/mindsdb/security/advisories/GHSA-4894-xqv6-vrfq
Source: security-advisories@github.com
Exploit Vendor Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.8 / 10.0
EPSS (Exploit Probability)
9.5%
93th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

mindsdb

Related CVEs

CVE-2019-25582 6.5
CVE-2019-25581 8.2
CVE-2019-25580 8.2
CVE-2019-25579 7.5
CVE-2019-25578 8.2