VulnerableCode Package Details - pkg:pypi/mindsdb@26.0.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/mindsdb@26.0.0

Essentials
History (1)

purl	pkg:pypi/mindsdb@26.0.0

Next non-vulnerable version	26.1.0rc1
Latest non-vulnerable version	26.1.0rc1
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-krac-rtac-2qe5 Aliases: CVE-2026-7711 GHSA-9f6m-65v9-x9g2	MindsDB has an Improper Access Control Issue A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.	26.1.0rc1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T08:25:37.630842+00:00	GitLab Importer	Affected by	VCID-krac-rtac-2qe5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/mindsdb/CVE-2026-7711.yml	38.6.0