Cyber Resilience

CVE-2026-27483

High · Public PoC

Published: 24 February 2026

Modified: 26 February 2026
KEV Added
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.1111 (95.4th percentile)
Risk Priority: 60 (floored blend · peak EPSS)

Summary

CVE-2026-27483 is a high-severity Path Traversal (CWE-22) vulnerability in MindsDB (vendor Mindsdb, product Mindsdb). Its CVSS base score is 8.8 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 4.6% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as Other Platforms; in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-27483 is a path traversal vulnerability (CWE-22) in MindsDB, an open-source platform for building artificial intelligence applications from enterprise data. The flaw affects versions prior to 25.9.1.1 and exists in the /api/files endpoint, specifically the "Upload File" module. Multipart file uploads perform no security checks on the uploaded file path, so an attacker can place ../ sequences in the filename field. The file write occurs before the clear_filename and save_file functions are called, so neither the filename nor the file type is filtered and arbitrary content can be written to any path on the server. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

An authenticated attacker with low privileges can exploit this issue remotely over the network with no user interaction required. By crafting a malicious file upload request with path traversal in the filename, the attacker can overwrite or create files in arbitrary locations on the server filesystem, such as executable scripts or configuration files. This capability leads to remote command execution, granting high-impact confidentiality, integrity, and availability compromises.

MindsDB patches the vulnerability in version 25.9.1.1, which security practitioners should apply immediately to affected deployments. Official mitigation details are documented in the GitHub security advisory (GHSA-4894-xqv6-vrfq), the release notes for v25.9.1.1, and the fixing commit (87a44bdb2b97f963e18f10a068e1a1e2690505ef).

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. The vulnerability exists in the "Upload File" module, which corresponds to the API endpoint /api/files. Since the multipart file upload does not perform security checks on the uploaded file path, an attacker can perform path traversal by using `../` sequences in the filename field. The file write operation occurs before calling clear_filename and save_file, meaning there is no filtering of filenames or file types, allowing arbitrary content to be written to any path on the server. Version 25.9.1.1 patches the issue.

CWE(s)

AI Security Analysis AI

AI Category
Other Platforms
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: artificial intelligence

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The path traversal vulnerability in the file upload endpoint allows low-privileged authenticated attackers to write arbitrary files remotely, enabling remote code execution through overwriting executable scripts or configuration files, directly facilitating exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-68472 · Same product: Mindsdb Mindsdb
CVE-2026-2531 · Same product: Mindsdb Mindsdb
CVE-2016-20041 · Shared CWE-22
CVE-2025-66429 · Shared CWE-22
CVE-2025-54307 · Shared CWE-22
CVE-2026-20688 · Shared CWE-22
CVE-2026-32060 · Shared CWE-22
CVE-2026-20614 · Shared CWE-22
CVE-2025-48567 · Shared CWE-22
CVE-2026-20615 · Shared CWE-22

Affected Assets

mindsdb · mindsdb · ≤ 25.9.1.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent · SI-10 (Information Input Validation)

Directly requires validation of file paths in the upload endpoint to reject path traversal sequences like '../', preventing arbitrary file writes on the server.

prevent · AC-3 (Access Enforcement)

Enforces access control policies to restrict file write operations to only authorized server paths, blocking exploitation of the unfiltered multipart upload.

detect

Monitors for unauthorized changes to software, firmware, or files that result from path traversal overwrites, enabling detection of exploitation attempts.
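The following is an added example, not MindsDB's code and not the fixing commit, showing what the input-validation and access-enforcement controls above look like in practice for the upload flow described in the analysis: the vulnerable pattern of joining the multipart filename field onto the upload root is placed beside a hardened version that reduces the name to a single safe component, enforces a type allowlist, proves the resolved target stays under the root, and only then writes (with exclusive create, so an existing file is never overwritten). The helper names (`sanitize_filename`, `resolve_upload_path`, `save_upload`, `is_within_root`), the extension allowlist and the sample filenames are all constructed for this example.

```python
# Added example (not MindsDB's code or the fixing commit): hardened handling of a
# multipart upload's user-supplied filename. Helper names, the extension allowlist
# and the sample upload root / filenames are constructed for illustration.
import os
import re
import unicodedata
from pathlib import Path


class UnsafeUploadError(ValueError):
    """Raised when an upload name cannot be reduced to a safe file under the root."""


# Constructed allowlist of data-file types an upload endpoint might accept.
ALLOWED_EXTENSIONS = {".csv", ".json", ".txt", ".parquet", ".xlsx"}
_UNSAFE_CHARS = re.compile(r"[^A-Za-z0-9._-]")


def unsafe_upload_path(upload_root: str, filename: str) -> str:
    """The vulnerable pattern: trusting the multipart filename field verbatim.

    A name containing '../' segments makes os.path.join produce a path outside
    upload_root, which is the CWE-22 condition described on this page.
    """
    return os.path.join(upload_root, filename)


def sanitize_filename(filename: str) -> str:
    """Reduce an untrusted filename to one safe path component.

    Normalise Unicode, keep only the last segment (either separator style),
    replace characters outside a conservative set, strip leading dots so neither
    '..' nor a hidden file can result, then enforce the type allowlist.
    """
    name = unicodedata.normalize("NFKC", filename)
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    name = _UNSAFE_CHARS.sub("_", name).lstrip(".")
    if not name:
        raise UnsafeUploadError(f"filename {filename!r} has no usable name")
    if Path(name).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise UnsafeUploadError(f"file type not allowed: {name!r}")
    return name


def is_rejected(filename: str) -> bool:
    """Predicate: does the sanitiser refuse this name outright?"""
    try:
        sanitize_filename(filename)
    except UnsafeUploadError:
        return True
    return False


def is_within_root(upload_root: str, path: str) -> bool:
    """True if the fully resolved path is the root itself or lies beneath it."""
    root = Path(upload_root).resolve()
    target = Path(path).resolve()
    return target == root or root in target.parents


def resolve_upload_path(upload_root: str, filename: str) -> Path:
    """Sanitise the name, then prove the resolved target still sits under the root.

    The containment check is defence in depth: if sanitisation ever regresses, or
    the name matches a symlink inside the root, the write is still refused.
    """
    root = Path(upload_root).resolve()
    target = (root / sanitize_filename(filename)).resolve()
    if target.parent != root:
        raise UnsafeUploadError(f"{filename!r} would resolve outside {root}")
    return target


def save_upload(upload_root: str, filename: str, data: bytes) -> Path:
    """Validate first, write last, and never overwrite an existing file.

    Mode 'xb' fails if the target already exists, so an upload cannot replace a
    script or configuration file even if every earlier check were bypassed.
    """
    target = resolve_upload_path(upload_root, filename)
    target.parent.mkdir(parents=True, exist_ok=True)
    with open(target, "xb") as fh:
        fh.write(data)
    return target


if __name__ == "__main__":
    root = "/tmp/demo_uploads"               # constructed upload root
    hostile = "../../etc/cron.d/job.csv"     # constructed traversal-style name
    print("unsafe join stays in root?", is_within_root(root, unsafe_upload_path(root, hostile)))
    print("hardened target:", resolve_upload_path(root, hostile))
```

The ordering is the point: every check runs before any byte reaches disk, which is the inverse of the flaw described above, where the write happened before clear_filename and save_file could filter the name. The allowlist doubles as the file-type filter the advisory notes was missing, and the exclusive-create mode gives the integrity control a cheap ally, since an attempt to replace an existing file fails loudly and can be logged.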

References