Mindsdb - Mindsdb - HIGH - CVE-2025-68472. MindsDB has a vulnerability within its file upload API that allows unauthenticated users to exploit a path traversal weakness. This issue enables attackers to read arbitrary files from the server filesystem and transfer them to MindsDB's storage, potentially exposing sensitive data. Specifically, versions prior to 25.11.1 fail to properly sanitize JSON uploads, leaving the system vulnerable to such attacks. While multipart uploads and URL-based uploads receive appropriate sanitization, JSON uploads do not trigger necessary security checks, increasing the risk of data breaches.