Submit #748219: mindsdb v25.14.1 SSRFinfo

Titel	mindsdb v25.14.1 SSRF
Beschreibung	A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload functionality of MindsDB Editor. Due to improper URL validation, an attacker can bypass blacklist restrictions and trigger arbitrary internal network requests.
Quelle	⚠️ https://github.com/mindsdb/mindsdb/issues/12163
Benutzer	fushuling (UID 45488)
Einreichung	28.01.2026 13:55 (vor 3 Monaten)
Moderieren	15.02.2026 10:04 (18 days later)
Status	Akzeptiert
VulDB Eintrag	346119 [MindsDB bis 25.14.1 File Upload security.py clear_filename erweiterte Rechte]
Punkte	15

Want to know what is going to be exploited?

We predict KEV entries!