CVE-2026-2531
Published: 16 February 2026
Summary
CVE-2026-2531 is a medium-severity server-side request forgery (SSRF, CWE-918) vulnerability in MindsDB. Its summary CVSS base score is 5.3 (Medium); the deeper analysis below cites a CVSS v3.1 base score of 6.3 for the same issue, so confirm which scoring version your tooling reports before comparing the two figures.
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 23.3rd percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-4 (Information Flow Enforcement).
Deeper analysis
CVE-2026-2531 is a server-side request forgery (SSRF) vulnerability, classified under CWE-918, affecting MindsDB versions up to 25.14.1. The issue resides in the clear_filename function in mindsdb/utilities/security.py, part of the File Upload component. It carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L): medium severity, reachable over the network, low attack complexity, low privileges required, no user interaction, unchanged scope, and low impact on each of confidentiality, integrity and availability.
An authenticated user with low privileges can exploit the flaw remotely by supplying crafted input to the affected function, causing the MindsDB server to issue requests on the attacker's behalf. Because those requests originate from the server, they can reach internal or external resources the attacker cannot address directly (services bound to loopback or internal networks are the usual SSRF targets); the scored impact on confidentiality, integrity and availability is low.
The fix is commit 74d6f0fd4b630218519a700fbee1c05c7fd4b1ed in the MindsDB GitHub repository; the discussion and the fix are tracked in GitHub issue #12163 and pull request #12213. Apply that commit or upgrade to a MindsDB release that includes it.
A public proof-of-concept has been disclosed, which raises the likelihood of active exploitation. MindsDB is an open-source platform for integrating AI and machine learning into databases, so the vulnerability is particularly relevant to organizations that run ML workflows on it.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-6129
Vulnerability details
A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clear_filename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote.
The exploit has been disclosed publicly and may be used. The name of the patch is 74d6f0fd4b630218519a700fbee1c05c7fd4b1ed. It is best practice to apply a patch to resolve this issue.
- CWE(s): CWE-918 (Server-Side Request Forgery)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
Why these techniques?
SSRF in the file upload component of a public-facing MindsDB web application lets an authenticated user exploit the application remotely and make it issue forged requests against internal or external resources.
Affected Assets
- MindsDB, versions up to 25.14.1
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): validate and sanitize filename and URL inputs on the clear_filename path so that SSRF payloads are rejected before any server-side request is issued.
- AC-4 (Information Flow Enforcement): enforce flow policies that restrict the server from making arbitrary outbound requests to internal or external resources, limiting what a successful SSRF can reach.
- SC-7 (Boundary Protection): apply boundary protection to monitor and filter unauthorized server-initiated requests, the traffic pattern that characterizes SSRF.
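As an added worked example (this is not MindsDB's clear_filename code and not the referenced patch), the following Python contrasts a substring blocklist of the kind that SSRF fixes often start with against a validator that applies SI-10 style input validation on the URL and an AC-4 style restriction on where the server may connect. It shows the general pattern rather than the specific MindsDB input path. The function names, the host files.example.com, and the DNS table FAKE_DNS are constructed for the example; in production the system_resolver function would be used and the returned address pinned for the actual connection.

```python
"""Added example: blocklist SSRF check vs. resolve-and-verify validation.

Illustrative code only; not MindsDB's clear_filename or its patch.
"""
import ipaddress
import socket
from typing import Callable, Iterable, Optional
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]

# --- The weak pattern: substring blocklist on the hostname -------------------
BLOCKED_SUBSTRINGS = ("localhost", "127.0.0.1", "10.", "192.168.")


def naive_is_safe(url: str) -> bool:
    """Blocklist-by-substring check. Looks reasonable, is bypassed trivially."""
    host = urlsplit(url).hostname or ""
    return not any(s in host for s in BLOCKED_SUBSTRINGS)


# --- The hardened pattern: validate input, then verify where it points --------
def system_resolver(hostname: str) -> list:
    """Resolve via the OS resolver (production use; needs network access)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def is_public_ip(addr: str) -> bool:
    """True only for globally routable unicast addresses.

    Rejects loopback, RFC 1918 / ULA, link-local (which covers the
    169.254.169.254 cloud metadata address), 0.0.0.0/8, reserved and
    multicast ranges. IPv4-mapped IPv6 (::ffff:10.0.0.1) is unwrapped so
    the embedded IPv4 address is what gets judged.
    """
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not ip.is_multicast


def validate_upload_url(url: str, resolver: Resolver = system_resolver,
                        allowed_hosts: Optional[frozenset] = None) -> str:
    """Validate a user-supplied fetch URL; return the IP to connect to.

    SI-10: only http/https, no embedded credentials, a host must be present
    and, if an allowlist is configured, must be on it.
    AC-4: every address the host resolves to must be public, so a hostname
    that resolves to an internal address (or mixes one into its answers)
    is rejected. Connect to the returned IP and send the original hostname
    in Host/SNI, so a second lookup cannot be rebound to an internal address
    between check and use (DNS rebinding).
    Raises ValueError on any violation.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL are not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    if allowed_hosts is not None and host not in allowed_hosts:
        raise ValueError(f"host not on allowlist: {host!r}")
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP: nothing to resolve
    except ValueError:
        addrs = list(resolver(host))
    if not addrs:
        raise ValueError(f"host did not resolve: {host!r}")
    for addr in addrs:
        if not is_public_ip(addr):
            raise ValueError(f"{host!r} points at non-public address {addr}")
    return addrs[0]


def is_accepted(url: str, resolver: Resolver = system_resolver,
                allowed_hosts: Optional[frozenset] = None) -> bool:
    """Boolean wrapper around validate_upload_url for tabulating results."""
    try:
        validate_upload_url(url, resolver, allowed_hosts)
        return True
    except ValueError:
        return False


# Constructed DNS table so the example runs offline; these are not real records.
FAKE_DNS = {
    "files.example.com": ["93.184.216.34"],
    "rebound.example.net": ["93.184.216.34", "10.0.0.5"],  # public + internal answer
}


def fake_resolver(hostname: str) -> list:
    return FAKE_DNS.get(hostname, [])


if __name__ == "__main__":
    samples = [
        "https://files.example.com/export.csv",
        "http://127.0.0.2/",
        "http://[::1]:8000/",
        "http://169.254.169.254/latest/meta-data/",
        "http://[::ffff:10.0.0.1]/",
        "file:///etc/passwd",
        "http://rebound.example.net/",
    ]
    for u in samples:
        print(f"{u:45} naive={naive_is_safe(u)!s:5} hardened={is_accepted(u, fake_resolver)}")
```

The substring check passes 127.0.0.2, [::1] and the 169.254.169.254 metadata address because none of them contain a blocked string; the hardened validator rejects all of them on the address class of what the host actually points to, and additionally rejects a hostname whose DNS answers mix in an internal address. Pinning the returned IP for the connection is what makes the check hold at use time rather than only at check time.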