Vendor
critical
advisory
MindsDB Unrestricted File Upload Vulnerability (CVE-2026-7711)
2 rules 1 TTP 1 CVECVE-2026-7711 allows for remote, unrestricted file uploads in MindsDB up to version 26.01 due to insufficient validation in the `exec` function of `proc_wrapper.py`, potentially leading to code execution or data exfiltration.
MindsDB
cve
vulnerability
file-upload
2r
1t
1c
critical
threat
MindsDB Path Traversal Vulnerability Leading to Remote Code Execution
3 rules 2 TTPs 1 CVEA path traversal vulnerability in MindsDB versions prior to 25.9.1.1 allows an attacker to achieve remote code execution by uploading a malicious payload and triggering its execution.
MindsDB
path-traversal
rce
webapp
3r
2t
1c