जमा करें #806822: mindsdb <=26.01 Remote Code Executionजानकारी

शीर्षक	mindsdb <=26.01 Remote Code Execution
विवरण	MindsDB's BYOM (Bring Your Own Model) feature allows users to upload custom Python model code via HTTP API. Key Issues: Uploaded code is directly executed via exec() when creating the engine No need to pre-create files on the server No authentication required (default configuration) RCE can be achieved through a single HTTP PUT request
स्रोत	⚠️ https://github.com/nn0nkey/JD-Security-SHENYI-Team/blob/main/MindsDB_BYOM_RCE.md
उपयोगकर्ता	JD Security SHENYI Team (UID 97436)
सबमिशन	17/04/2026 06:33 AM (2 महीनों पहले)
संयम	03/05/2026 09:43 AM (16 days later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	360887 [MindsDB तक 26.01 Engine proc_wrapper.py exec अधिकार वृद्धि]
अंक	19

Do you need the next level of professionalism?

Upgrade your account now!