Vulnerability Description
MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the "Upload File" module, which corresponds to the API endpoint /api/files. Since the multipart file upload does not perform security checks on the uploaded file path, an attacker can perform path traversal by using `../` sequences in the filename field. The file write operation occurs before calling clear_filename and save_file, meaning there is no filtering of filenames or file types, allowing arbitrary content to be written to any path on the server. Version 25.9.1.1 patches the issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mindsdb | Mindsdb | < 25.9.1.1 |
Related Weaknesses (CWE)
References
- https://github.com/mindsdb/mindsdb/commit/87a44bdb2b97f963e18f10a068e1a1e2690505Patch
- https://github.com/mindsdb/mindsdb/releases/tag/v25.9.1.1ProductRelease Notes
- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-4894-xqv6-vrfqExploitVendor Advisory
FAQ
What is CVE-2026-27483?
CVE-2026-27483 is a vulnerability with a CVSS score of 8.8 (HIGH). MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenti...
How severe is CVE-2026-27483?
CVE-2026-27483 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-27483?
Check the references section above for vendor advisories and patch information. Affected products include: Mindsdb Mindsdb.