CVE-2025-68472
Unknown Unknown - Not Provided
Path Traversal in MindsDB File Upload API Exposes Data

Publication date: 2026-01-12

Last updated on: 2026-02-20

Assigner: GitHub, Inc.

Description
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PUT handler in file.py directly joins user-controlled data into a filesystem path when the request body is JSON and source_type is not "url". Only multipart uploads and URL-sourced uploads receive sanitization; JSON uploads lack any call to clear_filename or equivalent checks. This vulnerability is fixed in 25.11.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-12
Last Modified
2026-02-20
Generated
2026-06-16
AI Q&A
2026-01-13
EPSS Evaluated
2026-06-15
NVD
CVE-2025-68472
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
mindsdb mindsdb to 25.11.1 (exc)
mindsdb mindsdb to 25.10.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-23 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CWE-36 The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in MindsDB prior to version 25.11.1 is a path traversal flaw in the file upload API. When a user uploads a file using a JSON request, the filename is not properly sanitized, allowing an attacker to specify arbitrary file paths. This lets an unauthenticated attacker read any file on the server filesystem accessible to MindsDB and move it into MindsDB's storage. The issue arises because only multipart and URL-sourced uploads have filename sanitization, while JSON uploads do not, enabling attackers to escape restricted directories and access sensitive files. [1]

Impact Analysis

This vulnerability can have severe impacts as it allows any unauthenticated user with access to the MindsDB REST API to read and exfiltrate arbitrary files from the server filesystem. This can lead to exposure of sensitive data such as credentials, configuration secrets, private keys, and other confidential information. Additionally, the exploit can remove the original files from their source locations, potentially causing data loss or service disruption. [1]

Detection Guidance

This vulnerability can be detected by monitoring for unusual PUT requests to the MindsDB file upload API that contain JSON payloads with file paths including relative path traversal sequences (e.g., '../') or absolute paths (e.g., '/etc/passwd'). A proof-of-concept involves sending a PUT request with a JSON body specifying a file path that escapes the intended directory. Network traffic inspection tools or web application firewalls can be configured to alert on such suspicious requests. For example, using curl to test the vulnerability: curl -X PUT -H "Content-Type: application/json" -d '{"file": "../../etc/passwd"}' http://<mindsdb-server>/api/file-upload. Additionally, reviewing server logs for unexpected file movements or missing files may indicate exploitation attempts. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade MindsDB to version 25.11.1 or later, where the vulnerability is fixed by proper sanitization of file paths in JSON uploads. Until the upgrade can be applied, restrict access to the MindsDB REST API to trusted users only, implement network-level controls to block unauthorized PUT requests to the file upload endpoint, and monitor logs for suspicious activity. Applying web application firewall rules to detect and block path traversal patterns in JSON payloads can also help mitigate exploitation. [1]

Compliance Impact

This vulnerability allows unauthenticated attackers to read and exfiltrate arbitrary files from the server filesystem, potentially exposing sensitive data such as credentials, configuration secrets, and private keys. Such exposure of sensitive data can lead to non-compliance with data protection standards and regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68472. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart