CVE-2025-68472 | MindsDB up to 25.11.0 PUT file.py source_type path traversal (GHSA-qqhf-pm3j-96g7)

A vulnerability has been found in MindsDB up to 25.11.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file file.py of the component PUT Handler. This manipulation of the argument source_type causes path traversal.

This vulnerability appears as CVE-2025-68472. The attacker needs to be present on the local network. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More